themayor.notion.site Open in urlscan Pro
2606:4700::6812:91f Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://themayor.tech/
Effective URL:
https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Submission: On April 09 via manual (April 9th 2022, 12:56:45 pm UTC) from NL — Scanned from NL

Summary HTTP 87 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 7 domains to perform 87 HTTP transactions. The main IP is 2606:4700::6812:91f, located in United States and belongs to CLOUDFLARENET, US. The main domain is themayor.notion.site.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 15th 2021. Valid for: a year.

This is the only time themayor.notion.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
66	2606:4700::68... 2606:4700::6812:91f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
2	52.33.155.26 52.33.155.26	16509 (AMAZON-02) (AMAZON-02)
2	20.93.28.56 20.93.28.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
7	2606:4700::68... 2606:4700::6812:166e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700::68... 2606:4700::6812:176e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::720	54113 (FASTLY) (FASTLY)
87	8

1 2001:4860:4802:36::15 (United States) 1 redirects

ASN15169 (GOOGLE, US)

themayor.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 2606:4700::6812:91f (United States)

ASN13335 (CLOUDFLARENET, US)

themayor.notion.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o324374.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.33.155.26 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-155-26.us-west-2.compute.amazonaws.com

logs-01.loggly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.93.28.56 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

api.statsig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:166e (United States)

ASN13335 (CLOUDFLARENET, US)

hkfxbbdzib.notion.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6812:176e (United States)

ASN13335 (CLOUDFLARENET, US)

www.notion.so	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::720 (United States)

ASN54113 (FASTLY, US)

images.unsplash.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
66	notion.site themayor.notion.site	6 MB
13	notion.so hkfxbbdzib.notion.so — Cisco Umbrella Rank: 22596 www.notion.so — Cisco Umbrella Rank: 10642	6 KB
3	sentry.io o324374.ingest.sentry.io — Cisco Umbrella Rank: 27855	416 B
2	statsig.com api.statsig.com — Cisco Umbrella Rank: 22136	9 KB
2	loggly.com logs-01.loggly.com — Cisco Umbrella Rank: 6701	586 B
1	unsplash.com images.unsplash.com — Cisco Umbrella Rank: 4678	806 KB
1	themayor.tech 1 redirects themayor.tech	285 B
87	7

	Domain	Requested by
66	themayor.notion.site	themayor.notion.site
7	hkfxbbdzib.notion.so	themayor.notion.site
6	www.notion.so	themayor.notion.site
3	o324374.ingest.sentry.io	themayor.notion.site
2	api.statsig.com	themayor.notion.site
2	logs-01.loggly.com	themayor.notion.site
1	images.unsplash.com
1	themayor.tech	1 redirects
87	8

This site contains links to these domains. Also see Links.

Domain
twitter.com
youtube.com
github.com
medium.themayor.tech
discord.gg
twitch.tv
t.ly
ko-fi.com
tcm-sec.com
medium.com
www.youtube.com
youtu.be
integrationpartners.com
www.notion.so

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.ingest.sentry.io R3	`2022-02-21` - `2022-05-22`	3 months	crt.sh
logs-01.loggly.com Starfield Secure Certificate Authority - G2	`2022-03-23` - `2023-04-24`	a year	crt.sh
statsig.com R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
notion.so Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.camp-fire.jp GlobalSign Atlas R3 DV TLS CA 2020	`2021-05-20` - `2022-06-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Frame ID: EF49308EAA3862438C8EC59FF2A8B6D3
Requests: 89 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pentesting Notes

Page URL History Show full URLs

http://themayor.tech/ HTTP 301
https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a Page URL

Detected technologies

Medium (Blogs) Expand

Overall confidence: 100%
Detected patterns

medium\.com

Page Statistics

87
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

6768 kB
Transfer

13978 kB
Size

6
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/joehelle
Title: https://twitter.com/joehelle

Search URL Search Domain Scan URL

URL: https://youtube.com/c/JoeHellethemayor
Title: https://youtube.com/c/JoeHellethemayor

Search URL Search Domain Scan URL

URL: https://github.com/dievus
Title: https://github.com/dievus

Search URL Search Domain Scan URL

URL: https://medium.themayor.tech/
Title: https://medium.themayor.tech

Search URL Search Domain Scan URL

URL: https://discord.gg/aceeFEHkmA
Title: https://discord.gg/aceeFEHkmA

Search URL Search Domain Scan URL

URL: https://twitch.tv/themayor11
Title: https://twitch.tv/themayor11

Search URL Search Domain Scan URL

URL: http://t.ly/SvXS
Title: t.ly/SvXS

Search URL Search Domain Scan URL

URL: http://t.ly/waue
Title: t.ly/waue

Search URL Search Domain Scan URL

URL: https://ko-fi.com/themayor
Title: https://ko-fi.com/themayor

Search URL Search Domain Scan URL

URL: https://tcm-sec.com/internal-persistence-techniques/
Title: Internal Persistence Techniques - TCM SecurityThe majority of our internal penetration tests are at least a week long. While we generally have a drop box sent to the client to enable our access to the network, we have to consider efficiency as well.https://tcm-sec.com/internal-persistence-techniques/

Search URL Search Domain Scan URL

URL: https://medium.themayor.tech/ecptx-exam-review-1dce30c152a6
Title: eCPTX Exam RevieweLearnSecurity Certified Penetration Tester eXtreme I recently decided to take the eLearnSecurity Certified Penetration Tester eXtreme (eCPTX) exam. I have been feeling confident with pentesting active directory environments and felt I would be able to give it a shot. Here are my thoughts.https://medium.themayor.tech/ecptx-exam-review-1dce30c152a6

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/windows-persistence-using-wsl2-8f87e319ea56
Title: Windows Persistence Using WSL2I don't think this is what it was meant for Consider supporting my work at https://ko-fi.com/themayor . I really enjoy exploitation in Windows environments. It is a landscape that is ripe with opportunities for privilege escalation, exploitation, and persistence opportunities.https://medium.com/cybersecpadawan/windows-persistence-using-wsl2-8f87e319ea56

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/domain-domination-with-windows-shortcuts-6aab1d72b793
Title: Domain Domination With Windows ShortcutsWait, what? How? Consider supporting my work at https://ko-fi.com/themayor . I've recently had the necessity to learn about a feature in Microsoft Windows that we take for granted everyday - Shortcuts. We use them all the time to access things like search engines, web sites, and file shares.https://medium.com/cybersecpadawan/domain-domination-with-windows-shortcuts-6aab1d72b793

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/how-i-was-bored-one-night-and-found-two-cves-4233c3719194
Title: How I Was Bored One Night and Found Two CVEsI'm regularly asked by people how to break into penetration testing who are in the same position I was in not long ago. It was less than a year ago I was at my wit's end. I thought I was unemployable in IT in general, not just pentesting.https://medium.com/cybersecpadawan/how-i-was-bored-one-night-and-found-two-cves-4233c3719194

Search URL Search Domain Scan URL

URL: https://tcm-sec.com/boost-your-security-program-for-wfh-employees/
Title: Boost Your Security Program for WFH Employees - TCM SecurityWith communities beginning to open back up, companies are considering the decision to stay remote. And this comes with good reasons. The cost of leasing space might be prohibitive and downsizing to host only necessary business functions could help with expenses.https://tcm-sec.com/boost-your-security-program-for-wfh-employees/

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/zeropointsecurity-certified-red-team-operator-course-crto-review-512c8d54705a
Title: ZeroPointSecurity Certified Red Team Operator Course (CRTO) ReviewContinuing my education in all things hacking, I recently decided to give Rastamouse's CRTO course a go. There isn't much to go off of from other reviews, so it's one of the first courses I've taken in some time where someone I know couldn't provide any advice or experiences.https://medium.com/cybersecpadawan/zeropointsecurity-certified-red-team-operator-course-crto-review-512c8d54705a

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/elearnsecurity-ewpt-certification-b7592bfc70af
Title: eLearnSecurity eWPT CertificationAs with anything in life, we do ourselves a disservice if we don't spend considerable time trying to improve those things we struggle with. It's no secret among my various circles that my weak area in penetration testing is web applications. I find them challenging more or less because I lack a complete interest in pentesting websites.https://medium.com/cybersecpadawan/elearnsecurity-ewpt-certification-b7592bfc70af

Search URL Search Domain Scan URL

URL: https://www.youtube.com/watch?v=-hR9h3erNEU&lc=UgzJ73twlwT2LTyQC_14AaABAg
Title: Hacking MS-SQL - From SQLi to Server AdministratorIn this video we conduct initial scanning and enumeration on a Windows Server, discover a SQL injection vulnerability in a website, exploit it, and gain acce...https://www.youtube.com/watch?v=-hR9h3erNEU&lc=UgzJ73twlwT2LTyQC_14AaABAg

Search URL Search Domain Scan URL

URL: https://medium.com/cybersecpadawan/pentester-academy-certified-red-team-professional-crtp-review-a91b05367bcf
Title: Pentester Academy Certified Red Team Professional (CRTP) ReviewEarly this year I purchased and completed Pentester Academy's Attacking and Defending Active Directory course. The coursework prepares the student to take the Certified Red Team Professional exam, which is a comprehensive, multi-domain challenge consisting of multiple machines to exploit across a forest trust.https://medium.com/cybersecpadawan/pentester-academy-certified-red-team-professional-crtp-review-a91b05367bcf

Search URL Search Domain Scan URL

URL: https://youtu.be/VfadeHqnuZc
Title: Relevant Walkthrough - TryHackMePlease consider supporting me on Patreon at https://www.patreon.com/themayorThe video walkthrough for Relevant on TryHackMe. I created Relevant to show that...https://youtu.be/VfadeHqnuZc

Search URL Search Domain Scan URL

URL: https://integrationpartners.com/blog/integration-partners-discovers-zero-day-vulnerability-web-application/
Title: Integration Partners discovers Zero-Day vulnerability in Web Application | Integration Partners | Lexington, MAZero-Day vulnerability discovered by Joe Helle, Security Engineer at Integration Partners On November 8th, 2020 our newest Security Engineer, Joe Helle, was issued a CVE (Common Vulnerability and Exposures) number for a Zero-Day Reflected Cross-Site Scripting vulnerability in a...Read Morehttps://integrationpartners.com/blog/integration-partners-discovers-zero-day-vulnerability-web-application/

Search URL Search Domain Scan URL

URL: https://www.notion.so/Cookie-Notice-bc186044eed5488a8387a9e94b14e58c
Title: Cookie Notice

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://themayor.tech/ HTTP 301
https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

87 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a Show response
themayor.notion.site/
Redirect Chain

http://themayor.tech/
https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

7 KB
5 KB

745ms
685ms

Document
text/html

2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

463b6ac6d7db8d9e7a7e58eb6cbd626d5384c3b0b7f5b8b42e6e41a91df1634a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: public,max-age=31536000,immutable
cf-cache-status: DYNAMIC
cf-ray: 6f93674b6b589130-FRA
content-encoding: gzip
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
content-type: text/html; charset=utf-8
date: Sat, 09 Apr 2022 12:56:34 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: 0
last-modified: Thu, 07 Apr 2022 23:11:15 GMT
pragma: no-cache
referrer-policy: same-origin
server: cloudflare
strict-transport-security: max-age=5184000; includeSubDomains
surrogate-control: no-store
vary: Accept-Encoding
x-amz-id-2: JrZ4vDJ9dM8OxuJTiNaJJFfiuLo9aRMUPSPEv5F8gaF37J+YJDvqk4Mf/jQlMwbiLRUpVBA/g1s=
x-amz-request-id: GJ7A82KN8VGMH06Y
x-amz-server-side-encryption: AES256
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Content-Length: 275
Content-Type: text/html; charset=UTF-8
Date: Sat, 09 Apr 2022 12:56:33 GMT
Location: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Server: ghs
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0

GET
H2 200 581-0ba303cd35e494e68149.js Show response
themayor.notion.site/ 2 MB
606 KB 821ms
820ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/581-0ba303cd35e494e68149.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e69ad51b43d8e96f6f98025c8f3f7ab5f9f0c709d029848e928cb3648e67d1f2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: FY8Q1BBDZ4WGCRBJ
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: ycgNOeuszI0BVtuO24BLtmP/62dhxely4SKYsPQhcVFl/mcdUMrL1wXdI/q1Rbvm2TcDhY0cj2g=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1ceb8db12c48d0d9ee3042efbe625279"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93674fdd849130-FRA
expires: Sun, 09 Apr 2023 12:56:35 GMT

GET
H2 200 app-4d2be65379ec23962782.js Show response
themayor.notion.site/ 6 MB
1 MB 827ms
826ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/app-4d2be65379ec23962782.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd3c38de4076a1ff8d4f1199cefff075f3731cf6fe1138ba3eb90a1f3cb5a3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: G3R130TK2SZEH3RF
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: tH/rXMUSCQFExUZewuy2Gf1lZVDfcOa+xhdbTAPy13skrMMAHfmDM2qn9cq8gA+Is8edjO2DCig=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1619fa4d849123e1abc61adeeb92676a"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93674fdd889130-FRA
expires: Sun, 09 Apr 2023 12:56:35 GMT

GET
H2 200 app-8adcd7eed4c72b836d3d.css
themayor.notion.site/ 45 KB
12 KB 818ms
817ms Stylesheet
text/css 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/app-8adcd7eed4c72b836d3d.css

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d26b0b3e8186c040b9f3f23280ebc2ee12f52fb94ad8a0fa5b17046eb00cd682

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: XTTQ5N55E9S6N5AC
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: PPK0To131dBFhmB4YkSDMOfmAzWpJPdpBmo+izxXaaXoIgNEBSoydVgDwfAmsn/VQA6KGPEvszs=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1fb0d67ffc34463b33c7486a930b43e9"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93674fdd879130-FRA
expires: Sun, 09 Apr 2023 12:56:35 GMT

GET
H2 200 print.b31f28aa.css
themayor.notion.site/ 1 KB
748 B 667ms
667ms Stylesheet
text/css 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/print.b31f28aa.css

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e74fe924eac442347f517ac801a93adbdc5558f13105b58a6ff83372172f210a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: F7SJDTE9B4E6Z1PS
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: RUllPBujJrDbN7DdIK8kCbRMGRzzfp/yplwTEmhS6b38WwO6wK6FUYkOf6GNugPtyuhNfWR0S6c=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "b31f28aad44bf6e14d20173c1b63311c"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: text/css; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93674fdd8a9130-FRA
expires: Sun, 09 Apr 2023 12:56:35 GMT

GET
H2 200 markdown-linkify-it-de6de0a7cf56f508e657.js Show response
themayor.notion.site/ 97 KB
33 KB 824ms
824ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/markdown-linkify-it-de6de0a7cf56f508e657.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/app-4d2be65379ec23962782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5792e6fe205a8612f3fcf22c6d626ed3cfdf3a1afd9f9a1938571d0b489cd8ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 9YR9ENQ1TGGT53DD
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: UbFuV+EQI3XuDjcg3gKpHF01qwfdLKAGOPlWb7qefvEHb7OmEkt+LZVpEbIMvnUvJP294fiUgf0=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d2db38f22978b1070edafe66bf5524ba"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675cd8a19130-FRA
expires: Sun, 09 Apr 2023 12:56:37 GMT

POST
H2 200 / Show response
o324374.ingest.sentry.io/api/5741876/envelope/ 2 B
248 B 75ms
23ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o324374.ingest.sentry.io/api/5741876/envelope/?sentry_key=704fe3b1898d4ccda1d05fe1ee79a1f7&sentry_version=7

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://themayor.notion.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:36 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://themayor.notion.site
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

POST
H/1.1 200
OK client-production Show response
logs-01.loggly.com/inputs/edcca201-4028-4ef1-bbb1-c78b430dd74e/tag/ 19 B
293 B 685ms
165ms XHR
text/html 52.33.155.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/edcca201-4028-4ef1-bbb1-c78b430dd74e/tag/client-production
Requested by: Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.155.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-155-26.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Apr 2022 12:56:37 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

POST
H/1.1 200
OK client-production Show response
logs-01.loggly.com/inputs/edcca201-4028-4ef1-bbb1-c78b430dd74e/tag/ 19 B
293 B 661ms
166ms XHR
text/html 52.33.155.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://logs-01.loggly.com/inputs/edcca201-4028-4ef1-bbb1-c78b430dd74e/tag/client-production
Requested by: Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.33.155.26 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-33-155-26.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 09 Apr 2022 12:56:37 GMT
Server: nginx
Connection: keep-alive
Access-Control-Allow-Headers: Authorization,Host,Content-Type,X-Forwarded-For,X-LOGGLY-TAG,X-Real-IP
Content-Length: 19
Content-Type: text/html

POST
H2 200 getUserAnalyticsSettings Show response
themayor.notion.site/api/v3/ 144 B
2 KB 186ms
186ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getUserAnalyticsSettings

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3bd5c058c002cd14eca253f75a05f335c390569ad110691813fe14f5f0f2f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"90-JkPV3LzhMBao3/9dWpRZ+DVm5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675ddac19130-FRA

POST
H2 200 getUserAnalyticsSettings Show response
themayor.notion.site/api/v3/ 144 B
190 B 663ms
663ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getUserAnalyticsSettings

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3bd5c058c002cd14eca253f75a05f335c390569ad110691813fe14f5f0f2f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"90-JkPV3LzhMBao3/9dWpRZ+DVm5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675dfb199130-FRA

POST
H2 200 getUserAnalyticsSettings Show response
themayor.notion.site/api/v3/ 144 B
181 B 667ms
666ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getUserAnalyticsSettings

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

da3bd5c058c002cd14eca253f75a05f335c390569ad110691813fe14f5f0f2f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"90-JkPV3LzhMBao3/9dWpRZ+DVm5dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675dfb289130-FRA

POST
H2 200 getClientExperimentsV2 Show response
themayor.notion.site/api/v3/ 27 KB
4 KB 651ms
650ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getClientExperimentsV2

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049fbc125f7e57bf72cc676b5776b40f19f5745e2c3a5d6640f6df3c33c37379

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6bbc-B8KWpKdRSWKxm5xWEd/M+lIno00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675dfb2d9130-FRA

POST
H2 200 getClientExperimentsV2 Show response
themayor.notion.site/api/v3/ 27 KB
4 KB 675ms
675ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getClientExperimentsV2

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

049fbc125f7e57bf72cc676b5776b40f19f5745e2c3a5d6640f6df3c33c37379

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6bbc-B8KWpKdRSWKxm5xWEd/M+lIno00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675dfb329130-FRA

GET
H2 200 analytics-amplitude-3c68b6ff07d238a40a08.js Show response
themayor.notion.site/ 72 KB
24 KB 815ms
815ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/analytics-amplitude-3c68b6ff07d238a40a08.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/app-4d2be65379ec23962782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

900c651674333208a03e12dfa0aa68d10b8887bbb167cd24483e9a5ae54c60dc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: PW6J1J65XAKPJE8M
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: q4Q8qrnr8fBUV3Ec1CnsioPFLndmvHtLNe7UetQk3t+qlfBXJPQm/BOrBPdVNs3jlbxI0553LTY=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "db694779aa072317d7a93de8206a27a1"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93675f0d8f9130-FRA
expires: Sun, 09 Apr 2023 12:56:37 GMT

POST
H2 200 getPublicPageData Show response
themayor.notion.site/api/v3/ 345 B
2 KB 195ms
195ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getPublicPageData

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aac994ce41beb0fd775f0454a9b625cdf23fd688e2a7d3c76c280935dcccf0f4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"159-PnCjAZLrKZMa3SkZTtKtjUoTZYw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367622d2e9130-FRA

POST
H2 200 loadCachedPageChunk Show response
themayor.notion.site/api/v3/ 70 KB
18 KB 217ms
217ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/loadCachedPageChunk

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf1fc88b342d3431b1af7211385b89801bd3b3e32fd914c5c6c6339c7db844ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"116c1-z12fiKs+V3L8ap6M4mnj8cPI+os"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367623d569130-FRA

POST
H2 200 getBacklinksForBlock Show response
themayor.notion.site/api/v3/ 61 B
197 B 668ms
668ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getBacklinksForBlock

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b8e354a9a131ae0751b38473daf1149355337efdbe60363528a4c271a7759f

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3d-QXf0VnuWqnn+aSdvmZz0LjPGcxA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367623d599130-FRA

OPTIONS
H2 204 initialize
api.statsig.com/v1/ 0
0 106ms
36ms Preflight 20.93.28.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.statsig.com/v1/initialize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.28.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,statsig-api-key,statsig-client-time
Access-Control-Request-Method: POST
Origin: https://themayor.notion.site
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

access-control-allow-headers: content-type,statsig-api-key,statsig-client-time
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 7200
content-length: 0
content-security-policy: frame-ancestors *.statsig.com
date: Sat, 09 Apr 2022 12:56:37 GMT
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
vary: Origin, Access-Control-Request-Headers
x-content-type-options: nosniff;
x-envoy-upstream-service-time: 6
x-statsig-region: az-northeurope

POST
H2 200 initialize Show response
api.statsig.com/v1/ 40 KB
9 KB 49ms
49ms Fetch
application/json 20.93.28.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.statsig.com/v1/initialize

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

20.93.28.56 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

istio-envoy /

Resource Hash

796323f3774d97179f2965f7b91b7e8500c3e7f3d72a066983af933e29365f61

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.statsig.com
X-Content-Type-Options	nosniff;

Request headers

STATSIG-CLIENT-TIME: 1649508997477
Referer
STATSIG-API-KEY: client-Tgza5wNFa8dVt9BdeUfG6Vkm29bHxX10MhoztTMzLBB
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type: application/json; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
referrer-policy: strict-origin-when-cross-origin
server: istio-envoy
x-statsig-region: az-northeurope
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 18
content-security-policy: frame-ancestors *.statsig.com
x-content-type-options: nosniff;

POST
H2 200 syncRecordValues Show response
themayor.notion.site/api/v3/ 2 KB
1 KB 199ms
198ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/syncRecordValues

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40b35490717104667f6c98c9efda4aa96fe2079a603cc88055b1fa4cce68035a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header: undefined
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7e4-Pwx2BPc52j2gXOJdMN6HfKyhADA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367625da49130-FRA

GET
DATA 200
OK truncated
/ 961 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0147dfddcfe7c192f39593b8405ca11ebb0f9f05e415ce70a66d254a0bc7dcd2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 getPublicSpaceData Show response
themayor.notion.site/api/v3/ 491 B
2 KB 1101ms
1100ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getPublicSpaceData

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

060f8b259a9ea30db37609afbb91fe34a2e4e770469e5ae9d723d0a7be9360cf

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1eb-gxwWsbKssXRbpFrV2D97maka74E"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936763b8ed9130-FRA

POST
H2 200 syncRecordValues Show response
themayor.notion.site/api/v3/ 155 B
2 KB 203ms
203ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/syncRecordValues

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92029e0e404503424a2e7d9e6fd3a932d4fd659eddae1c2ac9fb95b86cf7492b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header: undefined
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9b-FTt5kX0FJ+CmQLWeoTqHr2nk0Yc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936763b8f19130-FRA

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
280 B 714ms
660ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f93676499ab6903-FRA
content-length: 7

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
2 KB 245ms
192ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936764aeb99bf5-FRA

GET
H2 200 twitter-emoji-spritesheet-64.d3a69865.png
themayor.notion.site/images/emoji/ 3 MB
3 MB 1030ms
1030ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/images/emoji/twitter-emoji-spritesheet-64.d3a69865.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70709fa61e0fae66603ef4345b507a56bbfb35c87a037eb855d464a5210c4c9b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: D9A43GVTA6ZS0AVB
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2711809
x-amz-id-2: bgDsFajzQ3d/YhwTiCZERWWWHXfjJQY2Z6HIWx48eiOsaLMnHXkAn3CW1AvBybkblbmg186KJk8=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d3a698652c9a916f82ab0264c42ac954"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
accept-ranges: bytes
cf-ray: 6f9367652bc89130-FRA
expires: Sun, 09 Apr 2023 12:56:38 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 https%3A%2F%2Fn9i8j6g7.rocketcdn.me%2Fwp-content%2Fuploads%2F2021%2F09%2Fcropped-logo-192x192.png
themayor.notion.site/image/ 20 KB
20 KB 987ms
987ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fn9i8j6g7.rocketcdn.me%2Fwp-content%2Fuploads%2F2021%2F09%2Fcropped-logo-192x192.png?table=block&id=012934ef-6a5a-4aeb-8963-c811f28cfc84&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

277a8474304bad4fcef8feaaf3e09b2fc53fff9b6d2a046b9b9960625266ff69

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="cropped-logo-192x192.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f9367659ca19130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fn9i8j6g7.rocketcdn.me%2Fwp-content%2Fuploads%2F2021%2F11%2Fimage-2-1024x452.png
themayor.notion.site/image/ 127 KB
127 KB 876ms
875ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fn9i8j6g7.rocketcdn.me%2Fwp-content%2Fuploads%2F2021%2F11%2Fimage-2-1024x452.png?table=block&id=012934ef-6a5a-4aeb-8963-c811f28cfc84&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aebc07ded8355913888da15d636434f0b343373f4f36294fd7c529c60cbcb2aa

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="image-2-1024x452.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f9367659ca39130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
935 B 832ms
830ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=5a8a4b95-5db2-4063-893d-8acf1ca5b4e5&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f9367659ca79130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F911%2F1*zLfwbSy5ck-4-4RlCy8nkQ.png
themayor.notion.site/image/ 122 KB
122 KB 982ms
980ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F911%2F1*zLfwbSy5ck-4-4RlCy8nkQ.png?table=block&id=5a8a4b95-5db2-4063-893d-8acf1ca5b4e5&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a4cae0fed47664c7cead55ca90d7118f383f52380b72ce8b8f4ee4d9693a90f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*zLfwbSy5ck-4-4RlCy8nkQ.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acbf9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 photo-1548092372-0d1bd40894a3
images.unsplash.com/ 805 KB
806 KB 83ms
24ms Image
image/jpeg 2a04:4e42:1b::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.unsplash.com/photo-1548092372-0d1bd40894a3?ixlib=rb-1.2.1&q=85&fm=jpg&crop=entropy&cs=srgb&w=4800

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

cac920959f5b4db2ae224e886ec542d89fe8ec36699b7a9559674ad27aa5812f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Mar 2022 04:42:32 GMT
server: imgix
age: 1584845
x-cache: HIT, HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=315360000
x-imgix-id: fa2ad7a42c094997a52a3c59459157647324d2a4
accept-ranges: bytes
content-length: 824225
cross-origin-resource-policy: cross-origin
x-served-by: cache-sjc10055-SJC, cache-hhn4068-HHN

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F2b42e06e-e29a-4f67-9561-33569c538b3d%2Fpicture.png
themayor.notion.site/image/ 24 KB
24 KB 996ms
995ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F2b42e06e-e29a-4f67-9561-33569c538b3d%2Fpicture.png?table=block&id=9c46a29f-dead-4d18-80c7-0bfafa8d453a&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=250&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

23fa0250351cfd940d43ffa2211e444807649878f6c861ba74159e97ed165492

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="picture.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acc49130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Fdeb4e382-0f45-4cf8-b20e-8dfb1e681dd5%2F39108280_704705456544047_4932151283776749568_n_-_Copy.jpg
themayor.notion.site/image/ 28 KB
28 KB 940ms
938ms Image
image/jpeg 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2Fdeb4e382-0f45-4cf8-b20e-8dfb1e681dd5%2F39108280_704705456544047_4932151283776749568_n_-_Copy.jpg?table=block&id=d72e64fb-b890-4639-8e18-25415ad06610&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=580&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9865c025d52e7cf86a9e093d4a81bd4d500d4c1eb3595e53a9bc6299d573ac92

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: EXPIRED
x-dns-prefetch-control: off
content-disposition: filename="39108280_704705456544047_4932151283776749568_n_-_Copy.jpg"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 05 Apr 2022 21:30:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acc69130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2F0%2F0a%2FUnofficial_Windows_logo_variant_-_2002%25E2%2580%25932012_%2528Multicolored%2529.svg%2F870px-Unofficial_Windows_logo_vari...
themayor.notion.site/image/ 35 KB
35 KB 1030ms
1029ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fupload.wikimedia.org%2Fwikipedia%2Fcommons%2Fthumb%2F0%2F0a%2FUnofficial_Windows_logo_variant_-_2002%25E2%2580%25932012_%2528Multicolored%2529.svg%2F870px-Unofficial_Windows_logo_variant_-_2002%25E2%2580%25932012_%2528Multicolored%2529.svg.png?table=collection&id=a4da67b1-55df-4f00-93ad-21039981d756&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06cf15a4771b6d07a6b1039cbf0c8e6fb4770374d328f743661eb1338f27fde2

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="870px-Unofficial_Windows_logo_variant_-_2002%E2%80%932012_(Multicolored).svg.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acc89130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fcdn.worldvectorlogo.com%2Flogos%2Fazure-active-directory.svg
themayor.notion.site/image/ 2 KB
1 KB 782ms
781ms Image
image/svg+xml 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fcdn.worldvectorlogo.com%2Flogos%2Fazure-active-directory.svg?table=collection&id=c41bc947-14b2-4b69-bf0c-ac0a5794e5c7&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5328a1b14736bde6d10f8afc8bb666380ad5d86de391361c7f1019d5bdf6ab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="azure-active-directory.svg"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acca9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F03cfbe26-952b-470d-a756-61c797354505%2Fazure.microsoft.com.png
themayor.notion.site/image/ 2 KB
2 KB 799ms
798ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F03cfbe26-952b-470d-a756-61c797354505%2Fazure.microsoft.com.png?table=collection&id=5da93d1b-3d58-43b1-a7ae-8425d931000a&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=40&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ba0af71a9b83a6a3b5dc0430316a66a297f4b8155956749abec861f2af092344

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="azure.microsoft.com.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765accd9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F28a95d8d-e2e1-495d-a9bd-9c6fbe159a8d%2Fpng-transparent-tux-linux-mint-logo-linux-logo-vertebrate-bird.png
themayor.notion.site/image/ 1 KB
1 KB 795ms
794ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F28a95d8d-e2e1-495d-a9bd-9c6fbe159a8d%2Fpng-transparent-tux-linux-mint-logo-linux-logo-vertebrate-bird.png?table=collection&id=a14b6e0c-e681-448c-b567-7a5c162fa540&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=40&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aad191fdfe7a7b7d1f8a893ef18b3fbee33e509f0ad56f73245a8c309b0a7351

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="png-transparent-tux-linux-mint-logo-linux-logo-vertebrate-bird.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765acd09130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F31f5880c-12b7-468c-95a8-0a2d4059abec%2Fme_small.png
themayor.notion.site/image/ 5 KB
5 KB 800ms
799ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F31f5880c-12b7-468c-95a8-0a2d4059abec%2Fme_small.png?table=block&id=c4437536-86a0-4e40-a511-e075263d9168&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=40&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

235c2df0fbb6ac90db826fa439f05eef89845f2184a340167fa9e921722db1ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="me_small.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765bcf29130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fcdn.worldvectorlogo.com%2Flogos%2Fazure-active-directory.svg
themayor.notion.site/image/ 2 KB
1 KB 906ms
905ms Image
image/svg+xml 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fcdn.worldvectorlogo.com%2Flogos%2Fazure-active-directory.svg?table=collection&id=7838d410-bfc4-4a09-a49a-b712b7f6c2fd&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f5328a1b14736bde6d10f8afc8bb666380ad5d86de391361c7f1019d5bdf6ab9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="azure-active-directory.svg"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/svg+xml
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765bcf39130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

POST
H2 200 loadCachedPageChunk Show response
themayor.notion.site/api/v3/ 20 KB
5 KB 235ms
235ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/loadCachedPageChunk

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e22f41c0fcb5bb25cc23bf8351771a9d700c7bd23314024ccc3cfa974a440df

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4e92-i9knFiT5C2MLkGMsib+FQsqJL34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936765bcf59130-FRA

POST
H2 200 loadCachedPageChunks Show response
themayor.notion.site/api/v3/ 4 KB
2 KB 214ms
213ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/loadCachedPageChunks

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc677e5a56a56ce0675a5e76038b6b3abdd23a320d7e2cf78220fa7dfa5f64b4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"106d-EmSUu8Qpb3a6SOI708/jwK9YKuU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936765bcf79130-FRA

POST
H2 200 syncRecordValues Show response
themayor.notion.site/api/v3/ 8 KB
2 KB 214ms
214ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/syncRecordValues

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aeef7fd746fe05cc03fd391fd13716220b663877bb48c878fdf0318e6f284c6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header: undefined
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1fda-s5xVER/ujjYEx6KQoCXW1YL5Oas"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936765bcfa9130-FRA

GET
H2 200 https%3A%2F%2Fs3-us-west-2.amazonaws.com%2Fsecure.notion-static.com%2F2b42e06e-e29a-4f67-9561-33569c538b3d%2Fpicture.png
themayor.notion.site/image/ 2 KB
2 KB 766ms
766ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e514dd6abdf3c61b788c7c846326f02cfed107246e192b59a36a67bb922ba547

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="picture.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936765dd399130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F694%2F1*rwWpkvGlcRdD-BrkKwYRkw.png
themayor.notion.site/image/ 54 KB
54 KB 928ms
927ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F694%2F1*rwWpkvGlcRdD-BrkKwYRkw.png?table=block&id=e6933b40-964c-46dd-8319-ed7e018ef9f8&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6946a6a5b7e38844053edf8e3534468fcaeb011d2748374cb5c61c2760526a79

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*rwWpkvGlcRdD-BrkKwYRkw.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767686a9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
745 B 778ms
775ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=b80901b3-0655-4804-84d2-7a619272fd21&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767786f9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F842%2F1*sOlH8WZHxVy9WBfurf1c6w.png
themayor.notion.site/image/ 41 KB
41 KB 1050ms
1046ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F842%2F1*sOlH8WZHxVy9WBfurf1c6w.png?table=block&id=b80901b3-0655-4804-84d2-7a619272fd21&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12f44d849cb5fb3edfe0e26e84361b43ec002bd1e4ec97cb21440141f380683a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*sOlH8WZHxVy9WBfurf1c6w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676778759130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
778 B 769ms
766ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=eeb3f381-0eae-446c-b847-6641df61051a&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676778779130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F596%2F1*GV7z6Cm9NqIfhrPSJKoQEg.png
themayor.notion.site/image/ 128 KB
128 KB 957ms
953ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F596%2F1*GV7z6Cm9NqIfhrPSJKoQEg.png?table=block&id=eeb3f381-0eae-446c-b847-6641df61051a&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4627f36ef36eaaa424ca50d589da373ef6a903edeb1f202ab84e0e358fd38280

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*GV7z6Cm9NqIfhrPSJKoQEg.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676778789130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Ftcm-sec.com%2Fwp-content%2Fuploads%2F2020%2F07%2Ffavicon-1-1.png
themayor.notion.site/image/ 454 B
541 B 1156ms
1152ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Ftcm-sec.com%2Fwp-content%2Fuploads%2F2020%2F07%2Ffavicon-1-1.png?table=block&id=a6475fb3-afac-4100-be93-088d5600eeb6&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

392b91058ed889cd58c32b67ca6810ed899ea423c93c7be8fbbd1c78e728d585

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="favicon-1-1.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767787b9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 404 https%3A%2F%2Ftcm-sec.com%2Fwp-content%2Fuploads%2F2020%2F09%2FTransparent-Logo-1.png
themayor.notion.site/image/ 35 B
35 B 1871ms
1867ms Image
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Ftcm-sec.com%2Fwp-content%2Fuploads%2F2020%2F09%2FTransparent-Logo-1.png?table=block&id=a6475fb3-afac-4100-be93-088d5600eeb6&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f35d00a4897eeb7e49b1980a459741455bf5ff52447ea42e7603f3e8305db7cc

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: BYPASS
x-dns-prefetch-control: off
vary: Accept-Encoding
cdn-cache-control: no-store,max-age=0
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"23-Hbx2mtyQdwrHFahybEvAzyeOe2Q"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
content-length: 35
cf-ray: 6f936767787c9130-FRA

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
745 B 771ms
768ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=c0c43bdb-6d25-42b6-9ea8-71530359f683&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767787d9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F979%2F1*EuFShHSAeneL3gvORrVLHw.png
themayor.notion.site/image/ 53 KB
53 KB 955ms
952ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F979%2F1*EuFShHSAeneL3gvORrVLHw.png?table=block&id=c0c43bdb-6d25-42b6-9ea8-71530359f683&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d610d5f974891533dd4a917ff45d0adb28992bd9531c8062b97031a5e3e0693

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*EuFShHSAeneL3gvORrVLHw.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767787e9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
745 B 776ms
773ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=fe9462e9-92c3-4ed3-a863-3985f8f0848b&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f936767989d9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F414%2F1*uViazlmAFC8S4qqjaH4AeA.png
themayor.notion.site/image/ 31 KB
31 KB 941ms
938ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F414%2F1*uViazlmAFC8S4qqjaH4AeA.png?table=block&id=fe9462e9-92c3-4ed3-a863-3985f8f0848b&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c28d71c876d0fdfb4effcf5e80afc7c536ab60f98f79427c512c07867ea32c16

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*uViazlmAFC8S4qqjaH4AeA.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798a19130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fwww.youtube.com%2Fs%2Fdesktop%2F2ed2f887%2Fimg%2Ffavicon.ico
themayor.notion.site/image/ 1 KB
301 B 763ms
760ms Image
image/x-icon 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fwww.youtube.com%2Fs%2Fdesktop%2F2ed2f887%2Fimg%2Ffavicon.ico?table=block&id=be029f7c-fc45-4495-a10b-5df656eddf20&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="favicon.ico"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/x-icon
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798a29130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fi.ytimg.com%2Fvi%2F-hR9h3erNEU%2Fhqdefault.jpg
themayor.notion.site/image/ 32 KB
32 KB 800ms
798ms Image
image/jpeg 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fi.ytimg.com%2Fvi%2F-hR9h3erNEU%2Fhqdefault.jpg?table=block&id=be029f7c-fc45-4495-a10b-5df656eddf20&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b755f8f4388cf48437c8f0c86da093b916052261d887e66fe1be505196948fdc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="hqdefault.jpg"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798a49130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png
themayor.notion.site/image/ 679 B
1 KB 310ms
307ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2F1*m-R_BkNf1Qjr1YbyOIJY2w.png?table=block&id=e481a390-5d02-40be-891c-a429f7e02cfe&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*m-R_BkNf1Qjr1YbyOIJY2w.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798a69130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fmiro.medium.com%2Fmax%2F413%2F1*f9CO-HTghdvMLKweeAv0Aw.png
themayor.notion.site/image/ 70 KB
70 KB 997ms
995ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fmiro.medium.com%2Fmax%2F413%2F1*f9CO-HTghdvMLKweeAv0Aw.png?table=block&id=e481a390-5d02-40be-891c-a429f7e02cfe&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55ef0c974d6743ee379a4e1149864206d88fb023262d7249fc01d9cd6399adbb

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="1*f9CO-HTghdvMLKweeAv0Aw.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798aa9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fwww.youtube.com%2Fs%2Fdesktop%2F2ed2f887%2Fimg%2Ffavicon.ico
themayor.notion.site/image/ 1 KB
246 B 810ms
807ms Image
image/x-icon 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fwww.youtube.com%2Fs%2Fdesktop%2F2ed2f887%2Fimg%2Ffavicon.ico?table=block&id=a7732315-b2ec-4c09-a307-bffcd51ed372&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="favicon.ico"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/x-icon
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798ac9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fi.ytimg.com%2Fvi%2FVfadeHqnuZc%2Fhqdefault.jpg
themayor.notion.site/image/ 18 KB
18 KB 992ms
990ms Image
image/jpeg 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fi.ytimg.com%2Fvi%2FVfadeHqnuZc%2Fhqdefault.jpg?table=block&id=a7732315-b2ec-4c09-a307-bffcd51ed372&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247c6cbbf1e02f311b5a5d0ffd13236a378d21f2d8f6bcf35e42b1195feebe7f

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="hqdefault.jpg"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/jpeg
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798ae9130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

GET
H2 200 https%3A%2F%2Fintegrationpartners.com%2Fwp-content%2Fuploads%2F2019%2F09%2Fcropped-favicon-1-192x192.png
themayor.notion.site/image/ 12 KB
12 KB 963ms
961ms Image
image/png 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themayor.notion.site/image/https%3A%2F%2Fintegrationpartners.com%2Fwp-content%2Fuploads%2F2019%2F09%2Fcropped-favicon-1-192x192.png?table=block&id=a333eae7-2d47-4ddb-8611-7eaa3beb9d13&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&userId=&cache=v2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6fdcd6668f1ae332202baf55c5a2d957958ce156e0c414e36cc617c8808a0387

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; sandbox;
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Security-Policy	sandbox
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
x-dns-prefetch-control: off
content-disposition: filename="cropped-favicon-1-192x192.png"
vary: Accept-Encoding
cdn-cache-control: public,max-age=3600
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Sat, 09 Apr 2022 12:56:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: image/png
cache-control: public, max-age=31536000, immutable
content-security-policy: default-src 'none'; sandbox;
cf-ray: 6f93676798b19130-FRA
x-webkit-csp: default-src 'none'; sandbox;
x-content-security-policy: sandbox

POST
H2 200 getExternalIntegrations Show response
themayor.notion.site/api/v3/ 16 KB
3 KB 193ms
191ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getExternalIntegrations

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

837e50df3f1cd0d181206ce7b6c5fe4bc266e2c3848d1a3ce885e890712ca04b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3e73-CMPfKzfo6Xv7VOUjuu3MrykLqxc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676778819130-FRA

GET
H2 200 541-65f3b6221fa3956123db.js Show response
themayor.notion.site/ 99 KB
29 KB 825ms
825ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/541-65f3b6221fa3956123db.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/app-4d2be65379ec23962782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6829c980e5cac587de1826ceb74cb5c10817df07739e1b3707863e4f46380592

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: 5SKTTY9W2P9FFQEC
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: kEXAiuT8v9IbtjwLkJWsdj8UWhYqky07TlFQWt1CTMHw05yjcffRsZLaJ8vFjJRyfUIpHrG6Li0=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:14 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "13cec092888fd9329dd4e5df93ee1228"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676798b29130-FRA
expires: Sun, 09 Apr 2023 12:56:38 GMT

GET
H2 200 postRender-07568469b320a762c14a.js Show response
themayor.notion.site/ 1013 KB
236 KB 850ms
850ms Script
application/javascript 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/postRender-07568469b320a762c14a.js

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/app-4d2be65379ec23962782.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

68c088e00f31dc3f1fb5b43f0618ee0ace73c5f643e0c385091dc85309cb6f04

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-request-id: D9A2NFAFVQQMH725
x-amz-server-side-encryption: AES256
x-dns-prefetch-control: off
vary: Accept-Encoding
x-amz-id-2: gXfN573nw2LhfdWrMYLtkj5Cm8PR/5S83Bp+/Evqf3tBCU3Df1zGbTA2drXsq0RNoHN8YLiZBFM=
referrer-policy: same-origin
last-modified: Thu, 07 Apr 2022 23:11:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "58b388d5dcded7906b9b61f474d1a64e"
x-download-options: noopen
strict-transport-security: max-age=5184000; includeSubDomains
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript; charset=utf-8
x-xss-protection: 1; mode=block
cache-control: public, max-age=31536000
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676798b49130-FRA
expires: Sun, 09 Apr 2023 12:56:39 GMT

POST
H2 200 syncRecordValues Show response
themayor.notion.site/api/v3/ 2 KB
667 B 191ms
191ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/syncRecordValues

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17acff853d3d437cb546b2699b8561e7d7c20017c2fd10ef45de6cb225d287a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header: undefined
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61a-4Wtfv2A9PPYKGGfDsLKgiEVFm/I"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936767f9989130-FRA

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
62 B 225ms
225ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f93676a5b836903-FRA
content-length: 7

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
250 B 222ms
222ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676a69d09bf5-FRA

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
2 KB 195ms
195ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676a5eec9130-FRA

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
221 B 194ms
194ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:38 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676a7f429130-FRA

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
86 B 214ms
214ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f93676bddda6903-FRA
content-length: 7

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
273 B 202ms
202ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676bdcba9bf5-FRA

POST
H2 200 / Show response
o324374.ingest.sentry.io/api/5741876/envelope/ 2 B
103 B 24ms
23ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o324374.ingest.sentry.io/api/5741876/envelope/?sentry_key=704fe3b1898d4ccda1d05fe1ee79a1f7&sentry_version=7

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://themayor.notion.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://themayor.notion.site
access-control-expose-headers: x-sentry-error, retry-after, x-sentry-rate-limits
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

POST
H2 200 / Show response
o324374.ingest.sentry.io/api/5741876/envelope/ 2 B
65 B 24ms
24ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o324374.ingest.sentry.io/api/5741876/envelope/?sentry_key=704fe3b1898d4ccda1d05fe1ee79a1f7&sentry_version=7

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://themayor.notion.site/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://themayor.notion.site
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 2

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
63 B 227ms
226ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f93676edb646903-FRA
content-length: 7

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
2 KB 218ms
218ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676edaf09bf5-FRA

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
2 KB 194ms
194ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676ed8859130-FRA

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
244 B 219ms
218ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93676ed88b9130-FRA

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
64 B 664ms
664ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367704b379130-FRA

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
274 B 698ms
697ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367704dba9bf5-FRA

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
63 B 252ms
251ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:39 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f9367704e886903-FRA
content-length: 7

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
86 B 208ms
208ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f93677229d36903-FRA
content-length: 7

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
64 B 199ms
198ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367722f0d9130-FRA

POST
H2 200 / Show response
hkfxbbdzib.notion.so/ 7 B
63 B 219ms
219ms XHR
text/html 2606:4700::6812:166e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://hkfxbbdzib.notion.so/

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:166e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000
X-Content-Type-Options	nosniff

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8
access-control-allow-origin: *
cf-ray: 6f9367747e546903-FRA
content-length: 7

POST
H2 200 trackSegmentEvent Show response
themayor.notion.site/api/v3/ 2 B
87 B 660ms
659ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/trackSegmentEvent

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f9367747ba89130-FRA

POST
H2 200 teV1 Show response
www.notion.so/api/v3/ 7 B
169 B 240ms
239ms XHR
text/html 2606:4700::6812:176e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.notion.so/api/v3/teV1

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:176e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sat, 09 Apr 2022 12:56:40 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 7
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7-U6VofLJtxB8qtAM+l+E63v03QNY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: text/html; charset=utf-8
access-control-allow-origin: *
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f936774ae7d9bf5-FRA

POST
H2 200 ping Show response
themayor.notion.site/api/v3/ 2 B
64 B 194ms
194ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/ping

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:41 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
content-length: 2
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93677d3ffe9130-FRA

POST
H2 200 getAssetsJsonV2 Show response
themayor.notion.site/api/v3/ 34 KB
12 KB 664ms
663ms Fetch
application/json 2606:4700::6812:91f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themayor.notion.site/api/v3/getAssetsJsonV2

Requested by

Host: themayor.notion.site
URL: https://themayor.notion.site/581-0ba303cd35e494e68149.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:91f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

10540125cc91db91467db82e8805a54d0f3026d6f5f6baff41c7d4abfb0b91e0

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://themayor.notion.site/themayor/Pentesting-Notes-9c46a29fdead4d1880c70bfafa8d453a
Content-Type: application/json
x-notion-active-user-header
accept-language: nl-NL,nl;q=0.9
notion-client-version: 23.10.24.22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
notion-audit-log-platform: web

Response headers

date: Sat, 09 Apr 2022 12:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-dns-prefetch-control: off
vary: Accept-Encoding
x-xss-protection: 1; mode=block
referrer-policy: same-origin
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"883f-GmBVFYeto8AsZoIqjieIrTe1eik"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=5184000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
content-security-policy: script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
cf-ray: 6f93677d38089130-FRA

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.notion.site/	1970-01-20 02:13:15	Name: notion_check_cookie_consent Value: true
.notion.site/	1970-01-20 10:57:24	Name: NEXT_LOCALE Value: en-US
themayor.notion.site/	1969-12-31 23:59:59	Name: logglytrackingsession Value: 97aa5f0f-aaa3-4992-a3ab-376d8f9c8ae4
.notion.site/	1970-01-20 10:57:24	Name: notion_experiment_device_id Value: 8d64b06b-5001-4553-90af-80f2094c7d88
.notion.site/	1970-01-20 10:57:24	Name: notion_locale Value: en-US/autodetect
.unsplash.com/	1970-01-20 10:57:24	Name: ugid Value: 59eadd57f28de406111acfb033f9d7765498363

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://themayor.notion.site/image/https%3A%2F%2Ftcm-sec.com%2Fwp-content%2Fuploads%2F2020%2F09%2FTransparent-Logo-1.png?table=block&id=a6475fb3-afac-4100-be93-088d5600eeb6&spaceId=536218c5-c19e-4418-bf8e-94b8d09cf776&width=500&userId=&cache=v2 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'unsafe-eval' https://gist.github.com https://apis.google.com https://www.google.com https://www.gstatic.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://widget.intercom.io https://js.intercomcdn.com https://logs-01.loggly.com https://cdn.segment.com https://analytics.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://embed.typeform.com https://admin.typeform.com https://public.profitwell.com js.sentry-cdn.com https://js.chilipiper.com https://platform.twitter.com https://cdn.syndication.twimg.com; connect-src 'self' https://msgstore.www.notion.so wss://msgstore.www.notion.so ws://localhost:* ws://127.0.0.1:* https://notion-emojis.s3-us-west-2.amazonaws.com https://s3-us-west-2.amazonaws.com https://s3.us-west-2.amazonaws.com https://notion-production-snapshots-2.s3.us-west-2.amazonaws.com https://cdn.amplitude.com https://api.amplitude.com https://hkfxbbdzib.notion.so https://www.notion.so https://api.embed.ly https://js.intercomcdn.com https://api-iam.intercom.io wss://nexus-websocket-a.intercom.io https://logs-01.loggly.com https://cdn.segment.com https://api.segment.io https://analytics.pgncs.notion.so https://api.pgncs.notion.so https://o324374.ingest.sentry.io https://checkout.stripe.com https://js.stripe.com https://cdn.contentful.com https://preview.contentful.com https://images.ctfassets.net https://www2.profitwell.com https://tracking.chilipiper.com https://api.chilipiper.com https://api.unsplash.com https://boards-api.greenhouse.io https://api.statuspage.io https://pgncd.notion.so https://api.statsig.com; font-src 'self' data: https://cdnjs.cloudflare.com https://js.intercomcdn.com; img-src 'self' data: blob: https: https://platform.twitter.com https://syndication.twitter.com https://pbs.twimg.com https://ton.twimg.com; style-src 'self' 'unsafe-inline' https://cdnjs.cloudflare.com https://github.githubassets.com https://js.chilipiper.com https://platform.twitter.com https://ton.twimg.com; frame-src https: http:; media-src https: http:
Strict-Transport-Security	max-age=5184000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.statsig.com
hkfxbbdzib.notion.so
images.unsplash.com
logs-01.loggly.com
o324374.ingest.sentry.io
themayor.notion.site
themayor.tech
www.notion.so
20.93.28.56
2001:4860:4802:36::15
2606:4700::6812:166e
2606:4700::6812:176e
2606:4700::6812:91f
2a04:4e42:1b::720
34.120.195.249
52.33.155.26
0147dfddcfe7c192f39593b8405ca11ebb0f9f05e415ce70a66d254a0bc7dcd2
049fbc125f7e57bf72cc676b5776b40f19f5745e2c3a5d6640f6df3c33c37379
060f8b259a9ea30db37609afbb91fe34a2e4e770469e5ae9d723d0a7be9360cf
06cf15a4771b6d07a6b1039cbf0c8e6fb4770374d328f743661eb1338f27fde2
0d610d5f974891533dd4a917ff45d0adb28992bd9531c8062b97031a5e3e0693
10540125cc91db91467db82e8805a54d0f3026d6f5f6baff41c7d4abfb0b91e0
12f44d849cb5fb3edfe0e26e84361b43ec002bd1e4ec97cb21440141f380683a
17acff853d3d437cb546b2699b8561e7d7c20017c2fd10ef45de6cb225d287a2
235c2df0fbb6ac90db826fa439f05eef89845f2184a340167fa9e921722db1ca
23fa0250351cfd940d43ffa2211e444807649878f6c861ba74159e97ed165492
247c6cbbf1e02f311b5a5d0ffd13236a378d21f2d8f6bcf35e42b1195feebe7f
277a8474304bad4fcef8feaaf3e09b2fc53fff9b6d2a046b9b9960625266ff69
392b91058ed889cd58c32b67ca6810ed899ea423c93c7be8fbbd1c78e728d585
3a4cae0fed47664c7cead55ca90d7118f383f52380b72ce8b8f4ee4d9693a90f
40b35490717104667f6c98c9efda4aa96fe2079a603cc88055b1fa4cce68035a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4627f36ef36eaaa424ca50d589da373ef6a903edeb1f202ab84e0e358fd38280
463b6ac6d7db8d9e7a7e58eb6cbd626d5384c3b0b7f5b8b42e6e41a91df1634a
4e22f41c0fcb5bb25cc23bf8351771a9d700c7bd23314024ccc3cfa974a440df
55ef0c974d6743ee379a4e1149864206d88fb023262d7249fc01d9cd6399adbb
5792e6fe205a8612f3fcf22c6d626ed3cfdf3a1afd9f9a1938571d0b489cd8ec
6829c980e5cac587de1826ceb74cb5c10817df07739e1b3707863e4f46380592
68c088e00f31dc3f1fb5b43f0618ee0ace73c5f643e0c385091dc85309cb6f04
6946a6a5b7e38844053edf8e3534468fcaeb011d2748374cb5c61c2760526a79
6fdcd6668f1ae332202baf55c5a2d957958ce156e0c414e36cc617c8808a0387
70709fa61e0fae66603ef4345b507a56bbfb35c87a037eb855d464a5210c4c9b
796323f3774d97179f2965f7b91b7e8500c3e7f3d72a066983af933e29365f61
7bd3c38de4076a1ff8d4f1199cefff075f3731cf6fe1138ba3eb90a1f3cb5a3b
837e50df3f1cd0d181206ce7b6c5fe4bc266e2c3848d1a3ce885e890712ca04b
895f0a272f02de4042ee13e54867c7e193c16822537a89a79fb43f86572bc76e
8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
900c651674333208a03e12dfa0aa68d10b8887bbb167cd24483e9a5ae54c60dc
92029e0e404503424a2e7d9e6fd3a932d4fd659eddae1c2ac9fb95b86cf7492b
9865c025d52e7cf86a9e093d4a81bd4d500d4c1eb3595e53a9bc6299d573ac92
aac994ce41beb0fd775f0454a9b625cdf23fd688e2a7d3c76c280935dcccf0f4
aad191fdfe7a7b7d1f8a893ef18b3fbee33e509f0ad56f73245a8c309b0a7351
aebc07ded8355913888da15d636434f0b343373f4f36294fd7c529c60cbcb2aa
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
aeef7fd746fe05cc03fd391fd13716220b663877bb48c878fdf0318e6f284c6e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b755f8f4388cf48437c8f0c86da093b916052261d887e66fe1be505196948fdc
b9b8e354a9a131ae0751b38473daf1149355337efdbe60363528a4c271a7759f
ba0af71a9b83a6a3b5dc0430316a66a297f4b8155956749abec861f2af092344
c28d71c876d0fdfb4effcf5e80afc7c536ab60f98f79427c512c07867ea32c16
cac920959f5b4db2ae224e886ec542d89fe8ec36699b7a9559674ad27aa5812f
cc677e5a56a56ce0675a5e76038b6b3abdd23a320d7e2cf78220fa7dfa5f64b4
cdc7a3d8f9ce204e8853c2f7088b9c3fe488432314d1ea6c17cf8fd4ae179261
cf1fc88b342d3431b1af7211385b89801bd3b3e32fd914c5c6c6339c7db844ac
d26b0b3e8186c040b9f3f23280ebc2ee12f52fb94ad8a0fa5b17046eb00cd682
da3bd5c058c002cd14eca253f75a05f335c390569ad110691813fe14f5f0f2f1
e514dd6abdf3c61b788c7c846326f02cfed107246e192b59a36a67bb922ba547
e69ad51b43d8e96f6f98025c8f3f7ab5f9f0c709d029848e928cb3648e67d1f2
e74fe924eac442347f517ac801a93adbdc5558f13105b58a6ff83372172f210a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35d00a4897eeb7e49b1980a459741455bf5ff52447ea42e7603f3e8305db7cc
f5328a1b14736bde6d10f8afc8bb666380ad5d86de391361c7f1019d5bdf6ab9

themayor.notion.site Open in urlscan Pro 2606:4700::6812:91f Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

87 Requests

100 %HTTPS

63 %IPv6

7 Domains

8 Subdomains

8 IPs

2 Countries

6768 kBTransfer

13978 kBSize

6 Cookies

22 Outgoing links

Page URL History

Redirected requests

87 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

themayor.notion.site Open in urlscan Pro
2606:4700::6812:91f Public Scan

Screenshot
Live screenshot

Full Image

87
Requests

100 %
HTTPS

63 %
IPv6

7
Domains

8
Subdomains

8
IPs

2
Countries

6768 kB
Transfer

13978 kB
Size

6
Cookies

87 HTTP transactions
3 data transactions