Submitted URL: https://t.co/x0FpeJUVsB?amp=1
Effective URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Submission: On August 13 via manual from JP

Summary

This website contacted 13 IPs in 2 countries across 9 domains to perform 49 HTTP transactions.
The main IP is 2606:4700::6810:797f, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is medium.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 1st 2017. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 104.244.42.69 13414 (TWITTER)
6 2606:4700::68... 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
20 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 54.230.95.113 16509 (AMAZON-02)
1 2600:9000:200... 16509 (AMAZON-02)
1 54.230.93.127 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2600:9000:200... 16509 (AMAZON-02)
2 35.171.99.132 14618 (AMAZON-AES)
5 54.164.26.255 14618 (AMAZON-AES)
49 13
Domain
Subdomains
Transfer
31 medium.com
719 KB
5 lightstep.com
2 KB
4 branch.io
23 KB
2 parsely.com
765 B
2 google.com
15 KB
2 google-analytics.com
17 KB
1 d1z2jf7jlzjs58.cloudfront.net
17 KB
1 app.link
723 B
1 t.co
435 B
49 9
Domain Requested by
10 cdn-client.medium.com medium.com
cdn-client.medium.com
10 miro.medium.com medium.com
6 medium.com t.co
cdn-client.medium.com
5 collector-medium.lightstep.com cdn-client.medium.com
5 glyph.medium.com medium.com
3 api2.branch.io cdn-client.medium.com
2 srv-2019-08-13-21.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net
2 smartlock.google.com cdn-client.medium.com
smartlock.google.com
2 www.google-analytics.com medium.com
1 d1z2jf7jlzjs58.cloudfront.net cdn-client.medium.com
1 app.link cdn.branch.io
1 cdn.branch.io medium.com
1 t.co
49 13

This site contains links to these domains. Also see Links.

Domain
ripplepromo.online
psiloveyou.xyz
help.medium.com
Subject / Issuer Validity Valid
t.co
DigiCert SHA2 High Assurance Server CA
2019-03-07 -
2020-03-07
a year
medium.com
DigiCert SHA2 Extended Validation Server CA
2017-06-01 -
2019-08-30
2 years
*.medium.com
DigiCert SHA2 Secure Server CA
2018-07-31 -
2020-09-09
2 years
*.google-analytics.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months
*.branch.io
DigiCert SHA2 Secure Server CA
2018-12-05 -
2020-12-08
2 years
appipv4.link
Amazon
2018-09-17 -
2019-10-17
a year
*.cloudfront.net
DigiCert Global CA G2
2018-10-08 -
2019-10-09
a year
*.google.com
Google Internet Authority G3
2019-07-29 -
2019-10-21
3 months
*.pixel.parsely.com
Amazon
2019-02-27 -
2020-03-27
a year
*.lightstep.com
Let's Encrypt Authority X3
2019-07-15 -
2019-10-13
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
x0FpeJUVsB?amp=1
t.co
393 B
435 B
Document
General
Full URL
https://t.co/x0FpeJUVsB?amp=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
879edfcd28304c4db3ad52f87483dea3affc75bec0a46509789153c158690d45
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x0FpeJUVsB?amp=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
223
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2019 21:57:59 GMT
expires
Tue, 13 Aug 2019 22:02:59 GMT
server
tsa_f
set-cookie
muc=cb7c980d-4286-43e0-b58f-b31ea163dae9; Max-Age=63072000; Expires=Thu, 12 Aug 2021 21:57:59 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
52d427be685bf0a378778b9551d47bad
x-response-time
131
x-xss-protection
0
xrp-semi-annual-promotion-de5b0c816708
/@bgarlinghouseannualx
77 KB
17 KB
Document
General
Full URL
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Requested by
Host: t.co
URL: https://t.co/x0FpeJUVsB?amp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
084ed678e76be7329c8a653087f7e474d6282386fb6f4da2413656ec317765ac
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from medium.com

Request headers

:method
GET
:authority
medium.com
:scheme
https
:path
/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://t.co/x0FpeJUVsB?amp=1
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://t.co/x0FpeJUVsB?amp=1

Response headers

status
200
date
Tue, 13 Aug 2019 21:58:00 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d95465da5727c02e8271f22a4766303c11565733479; expires=Wed, 12-Aug-20 21:57:59 GMT; path=/; domain=.medium.com; HttpOnly uid=lo_QtyqN4SP1W4V; Expires=Wed, 12-Aug-20 21:57:59 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly sid=1:XqlNSYpwxItWzm4ldCfcQxFUT8UAt9jz88WeQXlbFHI/YB7cyIqMt4EY/t7aEb5x; path=/; expires=Wed, 12 Aug 2020 21:57:59 GMT; domain=.medium.com; secure; httponly __cfruid=e5e940dc4857227cd410a2e74028bea0f8b36a3a-1565733480; path=/; domain=.medium.com; HttpOnly
sepia-upstream
production
x-frame-options
allow-from medium.com
medium-fulfilled-by
lite/master-20190813-212450-3914ecb416, rito/master-20190813-194531-d6d26725bc, tutu/38330-f1b50e0
etag
W/"13322-X9NYBEhvg8N5p7vtazse37MorHc"
vary
Accept-Encoding
content-encoding
gzip
x-envoy-upstream-service-time
751
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
505df2a91d0dd701-FRA
m2.css
glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin
44 KB
29 KB
Stylesheet
General
Full URL
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
26
status
200
access-control-max-age
86400
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
505df2af8f3163ad-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 14 Aug 2019 01:58:00 GMT
2*xMI226ynBx0sYpiDr1bajg.jpeg
miro.medium.com/fit/c/96/96
3 KB
3 KB
Image
General
Full URL
https://miro.medium.com/fit/c/96/96/2*xMI226ynBx0sYpiDr1bajg.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
98c0c8d531d697f17a823873c83adfb44ae543519b31a3cea5d1cdd265a7e8ed
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2965
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3197-fb89d63
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
3159
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2af88b4bf28-FRA
expires
Thu, 12 Sep 2019 21:58:00 GMT
1*SfNDcOnl--YgL50MaaxKMw.png?q=20
miro.medium.com/max/60
3 KB
3 KB
Image
General
Full URL
https://miro.medium.com/max/60/1*SfNDcOnl--YgL50MaaxKMw.png?q=20
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
72fccb187adbb7a1a967cd1985646143865c676a7920ce31ed35407ea038bc34
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1304054
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3196-7da812a
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
3114
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2af88b7bf28-FRA
expires
Thu, 12 Sep 2019 21:58:00 GMT
2*xMI226ynBx0sYpiDr1bajg.jpeg
miro.medium.com/fit/c/160/160
6 KB
7 KB
Image
General
Full URL
https://miro.medium.com/fit/c/160/160/2*xMI226ynBx0sYpiDr1bajg.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
c21423fd82c48fbf421faae4f864ce0c31a1ab8f76886d819c71e149b5c09d35
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
420
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3197-fb89d63
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
6527
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2afc916bf28-FRA
expires
Thu, 12 Sep 2019 21:58:00 GMT
manifest.62fb63fe.js
cdn-client.medium.com/lite/static/js
3 KB
2 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/manifest.62fb63fe.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
bffcc94c3d87e9a3cddab7905a2edfadf551234aaed68759991df8bd3d6fdae7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1421
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
0AB3CC7BF66C4F80
x-amz-id-2
hVFBypLYQiI4QTggufk61hqgaUvaKXbpyoI7fOAB+VGnkyMZ/sgyJjrowlVZ7K0TeU4qrFFdhUA=
last-modified
Tue, 13 Aug 2019 21:29:38 GMT
server
cloudflare
etag
W/"5b9794c9ba5da30ef9b727df3d5ff57b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
cz7DN0fKe3yzgYYor8oKxxZ24rFfg1Rj
cache-control
public, max-age=31536000
cf-ray
505df2afc910bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
vendors~main.4648f493.chunk.js
cdn-client.medium.com/lite/static/js
808 KB
209 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7a401a199a95276f34c08f12596c8a032ce12ad28529d291b3667acd256cbcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1033633
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
4302BAB1D64A6458
x-amz-id-2
XHGtq3zepUSkDFMeLaQW0EsBsZpfdAqCbC6tvMP+GfqWhgNIgRcStgvP3ETcXm19G8Z6Ycvx4Tk=
last-modified
Thu, 01 Aug 2019 22:17:26 GMT
server
cloudflare
etag
W/"1ae5338a32b3aa4da19d4c6bf026b62d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
63m6lBMJSBlcAMnMuJvE1bbOJvOt2_.t
cache-control
public, max-age=31536000
cf-ray
505df2afc911bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
main.a589b856.chunk.js
cdn-client.medium.com/lite/static/js
337 KB
81 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1146e3fc558764f04c8db0de5c934bc59812a4e86594bd33ccd466dd39aa793
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5342
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
8F9C175289B1B44F
x-amz-id-2
q6SPMJpGym0JwMC7fjNUOMZ58xEYikJf0LaZ7w6TaN2iPevXni+WU9mae/gvigqz4x6zJesIt9s=
last-modified
Tue, 13 Aug 2019 20:23:57 GMT
server
cloudflare
etag
W/"c5ac902018890941b5ee5736e0e67bdb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
6ssVHBJt9bHaWJu7AmjS5iaOXd2N4y5l
cache-control
public, max-age=31536000
cf-ray
505df2afc912bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js
cdn-client.medium.com/lite/static/js
34 KB
15 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/vendors~screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~~b319665e.f2be28a6.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1140957
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
66729C246ADAF873
x-amz-id-2
QR20wLfdrPvkotdvTeClYzQKVF2SuikIFSvcm/wOtabQ8bmRszh8HTJ/HIarSDjHTu3oztGeX60=
last-modified
Wed, 17 Jul 2019 16:46:30 GMT
server
cloudflare
etag
W/"23e34e999de903dca6d0f87ef9d52146"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
tpvIBvcLxTFWEWeNwKS73HBJUi32agUY
cache-control
public, max-age=31536000
cf-ray
505df2afc913bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.7559f46f.chunk.js
cdn-client.medium.com/lite/static/js
47 KB
14 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.post.series~screen.profile~screen.sequence.library~screen.sequenc~036c6b37.7559f46f.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e8c6b2273e342b052d1d430cdaca0f488c74906f336dc8f24b892e9b56f8e8f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
17836
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
4F63CDEC33C8AE92
x-amz-id-2
heXuBbOkTCFYxX5hW2d2hGpug3+uM5R/gXXACblfa5AngsVkXWSxAWKCZu/WiqU5FzZ8tFadPq4=
last-modified
Tue, 13 Aug 2019 16:03:46 GMT
server
cloudflare
etag
W/"414231a2f31ed354facd87548d3ae052"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
16yfMISHgIV5aaZAaZm0jVlZHxcVYyiv
cache-control
public, max-age=31536000
cf-ray
505df2afc914bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.aaf4681a.chunk.js
cdn-client.medium.com/lite/static/js
113 KB
30 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/screen.landingpages.trumpland~screen.post~screen.post.amp~screen.post.series~screen.profile~screen.s~5e114ebe.aaf4681a.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9379448ca2bec7d3154d1498abcc277d9888045d9aa94c37780eeb9b16d9ec2
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
13334
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
4B3E2AC8D59FBCD9
x-amz-id-2
YlKAK2mPim3MhHjsTHKetoKyLBKHHI6bv3MnI3SavKjtyL3ppeOxHivKl0K5lHX0kqcaGGBI++U=
last-modified
Tue, 13 Aug 2019 18:11:32 GMT
server
cloudflare
etag
W/"91cab521738a16c14a093d21877c6482"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
TRAGdLphLXTS7kkQ1XJrVzrXa8fIJz_2
cache-control
public, max-age=31536000
cf-ray
505df2afc915bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
screen.post~screen.post.amp~screen.sequence.post.f76535f1.chunk.js
cdn-client.medium.com/lite/static/js
108 KB
27 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/screen.post~screen.post.amp~screen.sequence.post.f76535f1.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
846ad2226689c27566deb3f0335c3b5fc9b14e1f4d0b2cb33b3de1ca40596d64
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1421
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
657AF1FA9FCC0C72
x-amz-id-2
abk1XmsfAgfRKSXFfjEIlMWDp/szbPVMvjq0uIwzXS7ereuOHO2tRp+Tj9RESjuuKShRZeqayfM=
last-modified
Tue, 13 Aug 2019 21:29:42 GMT
server
cloudflare
etag
W/"384af2c4502e3c461ae402ab98c63d24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
yaS7P5HAs.bGmAelKnZznf72Q5RuWs4O
cache-control
public, max-age=31536000
cf-ray
505df2aff939bf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
screen.post.e5611816.chunk.js
cdn-client.medium.com/lite/static/js
48 KB
14 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/screen.post.e5611816.chunk.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f46a9ff68981345f1179dbf58bd2119393f167c0551276d1c6bef9bc7f5108b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
9568
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
13181A1970F07CB7
x-amz-id-2
27bstM+F4wrRYXlwSCFrvo7lKxnf3M8NUbGPl383CHFzTYQ6MGWTa5GLFa5/JIVL+9vmkMcbTKQ=
last-modified
Tue, 13 Aug 2019 19:11:01 GMT
server
cloudflare
etag
W/"50c0c0322f74f656ee733dbea7591a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
Mrzp62Q_nVgeRZ0XuRQTDOStvLvJBPu0
cache-control
public, max-age=31536000
cf-ray
505df2aff93abf28-FRA
expires
Wed, 12 Aug 2020 21:58:00 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
1290
date
Tue, 13 Aug 2019 21:36:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Tue, 13 Aug 2019 23:36:30 GMT
branch-latest.min.js
cdn.branch.io
71 KB
22 KB
Script
General
Full URL
https://cdn.branch.io/branch-latest.min.js
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.95.113 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-95-113.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
niwfoqhU_AnqkvtSMs5r0ZFpRVGmQSMv
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 09 Jul 2019 22:22:17 GMT
Server
AmazonS3
Age
114
ETag
"4f18667a379e69fb939087b1fe6d8a31"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 ed522e38bfbcd76f653d4691110d92a1.cloudfront.net (CloudFront)
Cache-Control
max-age=300
Date
Tue, 13 Aug 2019 21:56:06 GMT
X-Amz-Cf-Pop
FRA2
Content-Length
21695
X-Amz-Cf-Id
lnXa8GAD1ScUe-VmJLg-yLv27ZiymVpK_u_B_44-D9YWj-xEb0hHvA==
data:truncated
data:truncated
156 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173

Request headers

Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/svg+xml
data:truncated
data:truncated
9 KB
9 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://medium.com

Response headers

Content-Type
font/opentype
fell-400-normal.woff
glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm
14 KB
14 KB
Font
General
Full URL
https://glyph.medium.com/font/78ce731/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/fell-400-normal.woff
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin
https://medium.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
14994694
status
200
access-control-max-age
86400
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
505df2afdb25d6bd-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 12 Aug 2020 21:58:00 GMT
data:truncated
data:truncated
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://medium.com

Response headers

Content-Type
font/opentype
charter-400-italic.woff
glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm
10 KB
11 KB
Font
General
Full URL
https://glyph.medium.com/font/81d2bf1/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-400-italic.woff
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin
https://medium.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
15813531
status
200
access-control-max-age
86400
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
505df2afdb28d6bd-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 12 Aug 2020 21:58:00 GMT
charter-700-normal.woff
glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm
10 KB
10 KB
Font
General
Full URL
https://glyph.medium.com/font/f50d520/0-3j_4g_6bu_6c4_6c8_6c9_6cc_6cd_6ci_6cm/charter-700-normal.woff
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin
https://medium.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1692614
status
200
access-control-max-age
86400
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
505df2afdb29d6bd-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 12 Aug 2020 21:58:00 GMT
data:truncated
data:truncated
10 KB
10 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://medium.com

Response headers

Content-Type
font/opentype
marat-sans-400-normal.woff
glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj
14 KB
14 KB
Font
General
Full URL
https://glyph.medium.com/font/d8659c9/3k-4f_4h-6bt_6bv-6c3_6c5-6c7_6ca-6cb_6ce-6ch_6cj-6cl_6cn-nvnj/marat-sans-400-normal.woff
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7691 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
cors
Referer
https://glyph.medium.com/css/e/sr/latin/e/ssr/latin/e/ssb/latin/m2.css
Origin
https://medium.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
16206479
status
200
access-control-max-age
86400
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/font-woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
access-control-allow-credentials
true
cf-ray
505df2afdb2dd6bd-FRA
access-control-allow-headers
Accept, Cache-Control, Content-Type, Cookie, DNT, Origin, User-Agent, X-Client-Date, X-Obvious-Cid, X-Opentracing, X-Xsrf-Token, ot-tracer-sampled, ot-tracer-spanid, ot-tracer-traceid
expires
Wed, 12 Aug 2020 21:58:00 GMT
Adblocked collect?v=1&_v=j78&a=353645664&t=pageview&_s=1&dl=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&dr=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&ul=en-us&d...
www.google-analytics.com/r
35 B
108 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j78&a=353645664&t=pageview&_s=1&dl=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&dr=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&ul=en-us&de=UTF-8&dt=%23XRP%20Semi-Annual%20promotion%20-%20Brad%20Garlinghouse%20-%20Medium&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1553481555&gjid=113042078&cid=1102805881.1565733481&tid=UA-24232453-2&_gid=1687148391.1565733481&_r=1&z=829694629
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2019 21:58:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked _r?sdk=web2.50.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
app.link
90 B
723 B
Script
General
Full URL
https://app.link/_r?sdk=web2.50.2&branch_key=key_live_ofxXr2qTrrU9NqURK8ZwEhknBxiI6KBm&callback=branch_callback__0
Requested by
Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:b000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
3dee46ccc2f2ffb654b5e3cbc3664f2c0cae6e9888f5919e67022c36fd7d5780
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 21:58:01 GMT
Via
1.1 143574384d395dec5e078f9c0bab3391.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
Server
openresty/1.13.6.2
X-Amz-Cf-Pop
FRA2
X-Powered-By
Express
X-Cache
Miss from cloudfront
Content-Type
text/javascript; charset=utf-8
Connection
keep-alive
Content-Length
90
ETag
W/"5a-VJozD6bG109gHVxvazi9RaD003E"
X-Amz-Cf-Id
OHNdO6e-g-JoIbfEAbKnthx0kWjv7Z3DzbBKzhqHy37lK99iAlTutQ==
graphql
/_
94 B
257 B
Fetch
General
Full URL
https://medium.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
29367108c06cee6a70c8d26f17a0a353e8113258dd594728e7fcbf7e7dad32cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation
InteractivePostBodyQuery
content-type
application/json
accept
*/*
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Medium-Frontend-App
lite/master-20190813-212450-3914ecb416
apollographql-client-version
master-20190813-212450-3914ecb416
Sec-Fetch-Mode
cors

Response headers

date
Tue, 13 Aug 2019 21:58:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
sepia-upstream
production
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
medium-fulfilled-by
rito/master-20190813-194531-d6d26725bc, tutu/38330-f1b50e0
x-envoy-upstream-service-time
63
cf-ray
505df2b7cdd0d701-FRA
x-request-received-at
1565733482322
graphql
/_
4 KB
1 KB
Fetch
General
Full URL
https://medium.com/_/graphql
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa2d1872ddddc331541f20e0e20578f9013cbc555461f18e6408af5a5f497b42
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

apollographql-client-name
lite
Medium-Frontend-Route
post
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Graphql-Operation
PostRecircQuery
content-type
application/json
accept
*/*
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Medium-Frontend-App
lite/master-20190813-212450-3914ecb416
apollographql-client-version
master-20190813-212450-3914ecb416
Sec-Fetch-Mode
cors

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
sepia-upstream
production
server
cloudflare
status
200
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json
access-control-allow-origin
*
medium-fulfilled-by
rito/master-20190813-194531-d6d26725bc, tutu/38330-f1b50e0
x-envoy-upstream-service-time
1159
cf-ray
505df2b7cdd1d701-FRA
x-request-received-at
1565733482299
client-ready
/_/lite/performance
2 B
62 B
Fetch
General
Full URL
https://medium.com/_/lite/performance/client-ready
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from medium.com

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:02 GMT
x-content-type-options
nosniff
status
200
x-envoy-upstream-service-time
1
vary
Accept-Encoding
content-length
2
sepia-upstream
production
server
cloudflare
x-frame-options
allow-from medium.com
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
medium-fulfilled-by
lite/master-20190813-212450-3914ecb416
accept-ranges
bytes
cf-ray
505df2b7cdd2d701-FRA
vendors~tracing.db265f32.chunk.js
cdn-client.medium.com/lite/static/js
62 KB
16 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/vendors~tracing.db265f32.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.62fb63fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
968d8608b6da81156d86a1aa91922eeb2f2070e24aa12deacb63cb20ac5174b8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1140956
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
9A51987A3C839A9C
x-amz-id-2
YEjJX+2oWg78sX5DNV+GDrOB7EW39uDIG9xPYQkbf9libzDk8gF7qR0D4poGgCcDhZ8hPZTxXro=
last-modified
Wed, 17 Jul 2019 16:46:30 GMT
server
cloudflare
etag
W/"8b85f5ba7a5018eed99d8f85cc363647"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
91naIfAQoDoaiCCH8C1sUh64Gpl7S8sZ
cache-control
public, max-age=31536000
cf-ray
505df2b2ab57bf28-FRA
expires
Wed, 12 Aug 2020 21:58:01 GMT
tracing.48bfc3d4.chunk.js
cdn-client.medium.com/lite/static/js
2 KB
1 KB
Script
General
Full URL
https://cdn-client.medium.com/lite/static/js/tracing.48bfc3d4.chunk.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/manifest.62fb63fe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cfd68660fc0feefb7bdf21f1f1506ce12772ba6a59eb925c35c30071351d15e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
483015
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
x-amz-request-id
4B313C322DB800AB
x-amz-id-2
1TY5Awze7YueRrGN19SmCC32sijgH6MulK2QQer0V23VTIDX581L14LY1eS/ZoDRwY1cynPevFg=
last-modified
Wed, 17 Jul 2019 16:46:29 GMT
server
cloudflare
etag
W/"bd75cb7dcbb3f62113bd379fc8617cc3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
u4vvfBiKdIorS_7DQmdz0q2sg.rNDrWD
cache-control
public, max-age=31536000
cf-ray
505df2b2ab58bf28-FRA
expires
Wed, 12 Aug 2020 21:58:01 GMT
Adblocked p.js
d1z2jf7jlzjs58.cloudfront.net/keys/medium.com
41 KB
17 KB
Script
General
Full URL
https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.230.93.127 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-230-93-127.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
2ec3f1be2d2113c8735e56370fd02cd5171467e03711eb3aa73685991657a8c0
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Mon, 12 Aug 2019 00:22:08 GMT
Content-Encoding
gzip
Age
72924
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Pragma
public
Last-Modified
Sat, 08 Jun 2019 00:02:21 GMT
Server
nginx
ETag
"5cfafb0d-a4fb"
Content-Type
application/x-javascript
Via
1.1 7af5638099b4c0c5cbf2f9c79d5100fd.cloudfront.net (CloudFront)
Cache-Control
max-age=86400, public
X-Amz-Cf-Pop
FRA2
X-Amz-Cf-Id
JjDmB2EWGv9MINygQg4_xy8UWEmZZWLhoibIpEbvwHRIAJx4ju66lg==
Expires
Tue, 13 Aug 2019 00:22:08 GMT
client
smartlock.google.com
48 KB
15 KB
Script
General
Full URL
https://smartlock.google.com/client
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
d07dd88a71f1c7c43e6e8baea729192ebf7fea74113f7aff30d49640be76fa01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GzhONKbFksOFBkJNozJXBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self', script-src 'nonce-GzhONKbFksOFBkJNozJXBg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
content-security-policy
script-src 'report-sample' 'nonce-GzhONKbFksOFBkJNozJXBg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self', script-src 'nonce-GzhONKbFksOFBkJNozJXBg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
date
Tue, 13 Aug 2019 21:58:01 GMT
x-frame-options
SAMEORIGIN
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-type
application/javascript; charset=utf-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
1*SfNDcOnl--YgL50MaaxKMw.png
miro.medium.com/max/700
134 KB
135 KB
Image
General
Full URL
https://miro.medium.com/max/700/1*SfNDcOnl--YgL50MaaxKMw.png
Requested by
Host: medium.com
URL: https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
435bb2d24080f116c629f13a9d687152e2653814323379f2b52035dea6ea3a50
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
623983
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3196-7da812a
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
137583
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2b30bb9bf28-FRA
expires
Thu, 12 Sep 2019 21:58:01 GMT
open
api2.branch.io/v1
312 B
597 B
XHR
General
Full URL
https://api2.branch.io/v1/open
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 /
Resource Hash
3c37dd5f8c2092f938d1229b49000d0dc9a616291f732453fcbb737e1124fcbb

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
via
1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2
status
200
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache
content-length
312
x-amz-cf-id
goxCSmFei2NIIYI3sZf4IMKU7abHlJY6hranwIIAx0OvpidMj8BIEA==
Adblocked ?rand=1565733481461&plid=16335402&idsite=medium.com&url=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&urlref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&...
srv-2019-08-13-21.pixel.parsely.com/start
77 B
380 B
Script
General
Full URL
https://srv-2019-08-13-21.pixel.parsely.com/start/?rand=1565733481461&plid=16335402&idsite=medium.com&url=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&urlref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&screen=1600x1200%7C1600x1200%7C24&data=%7B%22viewerStatus%22%3A%22visitor%22%7D&sid=1&surl=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&sref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&sts=1565733481450&slts=0&title=%23XRP+Semi-Annual+promotion+-+Brad+Garlinghouse+-+Medium&date=Tue+Aug+13+2019+23%3A58%3A01+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=52421929&callback=parselyStartCallback
Requested by
Host: d1z2jf7jlzjs58.cloudfront.net
URL: https://d1z2jf7jlzjs58.cloudfront.net/keys/medium.com/p.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.99.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-171-99-132.compute-1.amazonaws.com
Software
nginx /
Resource Hash
847a3cb7e19d5081d8cbcea96d9307b6a19e5872f46680080b9a5e85ab3ea10e
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 21:58:01 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
77
Content-Type
application/json
request?client=https%3A%2F%2Fmedium.com&id=d48eb8d72f1faa3d6d83e5b78d350d3555c278f607bf6c549e089f9f2a8d170d&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22hint%22%2C%22options%22%3A%7B%22su...
smartlock.google.com/iframe
0
0
Document
General
Full URL
https://smartlock.google.com/iframe/request?client=https%3A%2F%2Fmedium.com&id=d48eb8d72f1faa3d6d83e5b78d350d3555c278f607bf6c549e089f9f2a8d170d&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22hint%22%2C%22options%22%3A%7B%22supportedAuthMethods%22%3A%5B%22https%3A%2F%2Faccounts.google.com%22%5D%2C%22supportedIdTokenProviders%22%3A%5B%7B%22uri%22%3A%22https%3A%2F%2Faccounts.google.com%22%2C%22clientId%22%3A%22216296035834-k1k6qe060s2tp2a2jam4ljdcms00sttg.apps.googleusercontent.com%22%7D%5D%7D%7D&features=%7B%22feature%22%3A%5B%22DISPLAY_RP_TOS%22%5D%7D
Requested by
Host: smartlock.google.com
URL: https://smartlock.google.com/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RDfP5j7DiQOUTTyIo8z5Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self' script-src 'nonce-RDfP5j7DiQOUTTyIo8z5Uw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
smartlock.google.com
:scheme
https
:path
/iframe/request?client=https%3A%2F%2Fmedium.com&id=d48eb8d72f1faa3d6d83e5b78d350d3555c278f607bf6c549e089f9f2a8d170d&renderMode=navPopout&preloadRequest=%7B%22type%22%3A%22hint%22%2C%22options%22%3A%7B%22supportedAuthMethods%22%3A%5B%22https%3A%2F%2Faccounts.google.com%22%5D%2C%22supportedIdTokenProviders%22%3A%5B%7B%22uri%22%3A%22https%3A%2F%2Faccounts.google.com%22%2C%22clientId%22%3A%22216296035834-k1k6qe060s2tp2a2jam4ljdcms00sttg.apps.googleusercontent.com%22%7D%5D%7D%7D&features=%7B%22feature%22%3A%5B%22DISPLAY_RP_TOS%22%5D%7D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
accept-encoding
gzip, deflate, br
cookie
NID=188=F0zg7i373kV0wAMvynK0_HdSUh57eFOebAdXbYBtACreyGheRm10PpBMdl-8MEGSuQnN4fgUDchfMoZsZv9yRIrgZqgqDQD4UMyK5PIeXKudXC_o1SbmPoX0D-wa4GLXMfQPt3n1Nf0Yth1fv9xWc9dsoyGNsEl2YSSCabu_kyg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 13 Aug 2019 21:58:01 GMT
content-security-policy
script-src 'report-sample' 'nonce-RDfP5j7DiQOUTTyIo8z5Uw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdentityYoloWebClientEndpoint/cspreport;worker-src 'self' script-src 'nonce-RDfP5j7DiQOUTTyIo8z5Uw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/IdentityYoloWebClientEndpoint/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
Adblocked pageview
api2.branch.io/v1
28 B
360 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
via
1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
zgJ8mkvhRsQSDxuRGZqEgDlsAz0s_OlFjIINbQ2T2jgA5NjPqoBPEQ==
Adblocked pageview
api2.branch.io/v1
28 B
360 B
XHR
General
Full URL
https://api2.branch.io/v1/pageview
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200c:e600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty/1.13.6.2 / Express
Resource Hash
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 13 Aug 2019 21:58:01 GMT
via
1.1 5954578e851092964f39f2f5f0596950.cloudfront.net (CloudFront)
server
openresty/1.13.6.2
x-amz-cf-pop
FRA2
x-powered-by
Express
etag
W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
status
200
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
content-length
28
x-amz-cf-id
Q7POwENOOgzJhnJzhoT-Xi-Edi-SeeIzHhk2CL_SzW3bJIzBoZEBpw==
render
/_/lite/performance
2 B
171 B
Fetch
General
Full URL
https://medium.com/_/lite/performance/render
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options allow-from medium.com

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:02 GMT
x-content-type-options
nosniff
status
200
x-envoy-upstream-service-time
1
vary
Accept-Encoding
content-length
2
sepia-upstream
production
server
cloudflare
x-frame-options
allow-from medium.com
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/plain; charset=utf-8
medium-fulfilled-by
lite/master-20190813-212450-3914ecb416
accept-ranges
bytes
cf-ray
505df2b7cdd3d701-FRA
Adblocked reports
collector-medium.lightstep.com/api/v0
113 B
311 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-26-255.compute-1.amazonaws.com
Software
/
Resource Hash
378f4ecf0e0688530a728d12310b61477c637ecd411805bc2b5c7e4b538ec141
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:02 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
113
Adblocked reports
collector-medium.lightstep.com/api/v0
113 B
311 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-26-255.compute-1.amazonaws.com
Software
/
Resource Hash
554192a7c44c61545e46ab6af3885d4ecb719ae115cdf800fcd5ed157794406a
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
113
1*7ljFuBXQrz_3R_TNXD6srw.jpeg
miro.medium.com/fit/c/40/40
1 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*7ljFuBXQrz_3R_TNXD6srw.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
8f0ae9bcde0f14ec7451da60379abcf950c54ddbc9e779486df93253792dc3e5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
360019
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3196-7da812a
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
1355
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fb8bf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 GMT
1*DK3yO_-yja0WQc4jCf3bOA.jpeg
miro.medium.com/fit/c/40/40
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/1*DK3yO_-yja0WQc4jCf3bOA.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
f40f76c13e2b3621084d79f360516248039774460e9b88d5180e9d2333bacdd7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
2484677
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3192-d9ea9bb
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
1585
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fbbbf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 GMT
2*oTTkHE11vyCEMboHBjYsxA.jpeg
miro.medium.com/fit/c/40/40
2 KB
2 KB
Image
General
Full URL
https://miro.medium.com/fit/c/40/40/2*oTTkHE11vyCEMboHBjYsxA.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
322893f3ffe0725100011218265243297278585d7b66b58e591430db34566289
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
798824
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3196-7da812a
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
1644
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fbcbf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 GMT
1*4VX9xRv1-9tCc2ETdZOVhQ.jpeg
miro.medium.com/max/328
18 KB
18 KB
Image
General
Full URL
https://miro.medium.com/max/328/1*4VX9xRv1-9tCc2ETdZOVhQ.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
aebca5101a101efd1a081aa0eaf35f9867aa3eb5ee7c9dd904dca5c2cf8edbe3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
208973
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3197-fb89d63
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
18110
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fbfbf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 GMT
1*ntr-5B9JWMCE2CcIF9FsMw.jpeg
miro.medium.com/max/328
26 KB
26 KB
Image
General
Full URL
https://miro.medium.com/max/328/1*ntr-5B9JWMCE2CcIF9FsMw.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
cc564dcd36d047db6081bc719ea7a4a7fc5d2da954cff52b5302488619460e66
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
499167
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3196-7da812a
status
200
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-length
26307
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fc0bf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 GMT
0*IzKOEdpJLFx3cF9a
miro.medium.com/max/328
16 KB
16 KB
Image
General
Full URL
https://miro.medium.com/max/328/0*IzKOEdpJLFx3cF9a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7791 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
2f46a475742ab23ce56abd36adcaf7b8392a4582c9a1a4db3c5ac0c880c15926
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 21:58:03 GMT
x-content-type-options
nosniff
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3197-fb89d63
status
200
content-length
16439
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=2592000
accept-ranges
bytes
cf-ray
505df2c07fc1bf28-FRA
expires
Thu, 12 Sep 2019 21:58:03 UTC
Adblocked reports
collector-medium.lightstep.com/api/v0
113 B
311 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-26-255.compute-1.amazonaws.com
Software
/
Resource Hash
474128f245157121ec5fc1501c07904408b222d6bc488e9a78b857c340118587
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:04 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
113
Adblocked reports
collector-medium.lightstep.com/api/v0
113 B
311 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-26-255.compute-1.amazonaws.com
Software
/
Resource Hash
67099dad37d6b5dca3207f98cf308e0f1eb476c241046c99ba358a20a59c9439
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:04 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
113
batch
/_
97 B
0
Fetch
General
Full URL
https://medium.com/_/batch
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:797f , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
x-xsrf-token
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
38328-a1e5a35,a1e5a356547
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
link
<https://medium.com/humans.txt>; rel="humans"
x-obvious-tid
1565733486471:7b658c5e2ace
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://glyph.medium.com https://*.paypal.com https://getpocket.com https://medium.com https://*.medium.com https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://*.branch.io 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray
505df2d1ff7bd701-FRA
x-opentracing
{"ot-tracer-spanid":"10868b7c084f54f7","ot-tracer-traceid":"3944671c6a8d7bc6","ot-tracer-sampled":"true"}
expires
Thu, 09 Sep 1999 09:09:09 GMT
Adblocked reports
collector-medium.lightstep.com/api/v0
113 B
311 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-client.medium.com
URL: https://cdn-client.medium.com/lite/static/js/vendors~main.4648f493.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.26.255 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-164-26-255.compute-1.amazonaws.com
Software
/
Resource Hash
2812b607bc9dfbef421f722dd04e9a0d2f43a594517a6f551149fae0af8aa1dd
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 21:58:07 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
113
Adblocked ?rand=1565733491953&plid=16335402&idsite=medium.com&url=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&urlref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&...
srv-2019-08-13-21.pixel.parsely.com/event
43 B
385 B
Image
General
Full URL
https://srv-2019-08-13-21.pixel.parsely.com/event/?rand=1565733491953&plid=16335402&idsite=medium.com&url=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&urlref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fmedium.com%2F%40bgarlinghouseannualx%2Fxrp-semi-annual-promotion-de5b0c816708&sref=https%3A%2F%2Ft.co%2Fx0FpeJUVsB%3Famp%3D1&sts=1565733491953&slts=0&date=Tue+Aug+13+2019+23%3A58%3A11+GMT%2B0200+(Central+European+Summer+Time)&action=heartbeat&inc=5&tt=4900&pvid=52421929&u=pid%3D342c13353c4f1068d02a44be9e7f57ec
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.171.99.132 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-35-171-99-132.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 13 Aug 2019 21:58:09 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"
Content-Length
43
Content-Type
image/gif

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| perfMetrics string| GoogleAnalyticsObject function| ga object| branch object| PARSELY string| __BUILD_ID__ string| __GRAPHQL_URI__ object| __PRELOADED_STATE__ object| __APOLLO_STATE__ object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| core object| __core-js_shared__ function| main object| __APOLLO_CLIENT__ object| __SENTRY__ function| onGoogleYoloLoad function| parselyStartCallback object| GOOGLE_ONETAP_EXPERIMENTAL_FEATURES string| PROVIDER_URL_BASE object| Ra object| openyolo function| OpenYoloError object| smartlock object| googleyolo function| onGoogleYoloHide

12 Cookies

Domain/Path Name / Value
.medium.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://medium.com/@bgarlinghouseannualx/xrp-semi-annual-promotion-de5b0c816708%22%2C%22sref%22:%22https://t.co/x0FpeJUVsB?amp=1%22%2C%22sts%22:1565733481450%2C%22slts%22:0}
.medium.com/ Name: _gat
Value: 1
.medium.com/ Name: __cfruid
Value: e5e940dc4857227cd410a2e74028bea0f8b36a3a-1565733480
.medium.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=342c13353c4f1068d02a44be9e7f57ec%22%2C%22session_count%22:1%2C%22last_session_ts%22:1565733481450}
.medium.com/ Name: sid
Value: 1:XqlNSYpwxItWzm4ldCfcQxFUT8UAt9jz88WeQXlbFHI/YB7cyIqMt4EY/t7aEb5x
medium.com/ Name: lightstep_session_id
Value: 46ec608359578553
.medium.com/ Name: _gid
Value: GA1.2.1687148391.1565733481
.medium.com/ Name: _ga
Value: GA1.2.1102805881.1565733481
medium.com/ Name: lightstep_guid/lite-web
Value: 4ff8ca1a49fbf3d6
.medium.com/ Name: uid
Value: lo_QtyqN4SP1W4V
.google.com/ Name: NID
Value: 188=F0zg7i373kV0wAMvynK0_HdSUh57eFOebAdXbYBtACreyGheRm10PpBMdl-8MEGSuQnN4fgUDchfMoZsZv9yRIrgZqgqDQD4UMyK5PIeXKudXC_o1SbmPoX0D-wa4GLXMfQPt3n1Nf0Yth1fv9xWc9dsoyGNsEl2YSSCabu_kyg
.medium.com/ Name: __cfduid
Value: d95465da5727c02e8271f22a4766303c11565733479

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js, Line 1, Column283504
Message:
-+++++= .+++++= .+@@@@@+ #@@@@*: .@@@@@= *@@@@@ @+@@@@- =#@@@@@ @ +@@@@: :% @@@@@ @ *@@@@-%: @@@@@ @ *@@@@- @@@@@ -@- #@@+ :@@@@@: -#@@@#- ## =@@@@@@@= ....... .........
console-api log URL: https://cdn-client.medium.com/lite/static/js/main.a589b856.chunk.js, Line 1, Column283760
Message:
We're hiring! https://medium.com/jobs-at-medium/work-at-medium-959d1a85284e

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

api2.branch.io
app.link
cdn-client.medium.com
cdn.branch.io
collector-medium.lightstep.com
d1z2jf7jlzjs58.cloudfront.net
glyph.medium.com
medium.com
miro.medium.com
smartlock.google.com
srv-2019-08-13-21.pixel.parsely.com
t.co
www.google-analytics.com


104.244.42.69
2600:9000:200c:b000:19:9934:6a80:93a1
2600:9000:200c:e600:11:f728:3040:93a1
2606:4700::6810:7691
2606:4700::6810:7791
2606:4700::6810:797f
2a00:1450:4001:815::200e
2a00:1450:4001:819::200e
35.171.99.132
54.164.26.255
54.230.93.127
54.230.95.113

084ed678e76be7329c8a653087f7e474d6282386fb6f4da2413656ec317765ac
087a4c7aa118304c5ce85d5917d95a49b3c93204ef3500752dfde52595e4eac6
12fe85ec038af8c41ba830412520589dbd125d417913c10a57838ac92ab96192
2812b607bc9dfbef421f722dd04e9a0d2f43a594517a6f551149fae0af8aa1dd
29367108c06cee6a70c8d26f17a0a353e8113258dd594728e7fcbf7e7dad32cf
2ec3f1be2d2113c8735e56370fd02cd5171467e03711eb3aa73685991657a8c0
2f46a475742ab23ce56abd36adcaf7b8392a4582c9a1a4db3c5ac0c880c15926
322893f3ffe0725100011218265243297278585d7b66b58e591430db34566289
378f4ecf0e0688530a728d12310b61477c637ecd411805bc2b5c7e4b538ec141
3c37dd5f8c2092f938d1229b49000d0dc9a616291f732453fcbb737e1124fcbb
3cfd68660fc0feefb7bdf21f1f1506ce12772ba6a59eb925c35c30071351d15e
3dee46ccc2f2ffb654b5e3cbc3664f2c0cae6e9888f5919e67022c36fd7d5780
41532aec4c3a3a0747ca853b064ef7a96483a95798a6526974ec043997e2ccf9
435bb2d24080f116c629f13a9d687152e2653814323379f2b52035dea6ea3a50
474128f245157121ec5fc1501c07904408b222d6bc488e9a78b857c340118587
4c0cc04185396c9a83cfda3644c23327d7d8ff9247157c438575b83713894173
554192a7c44c61545e46ab6af3885d4ecb719ae115cdf800fcd5ed157794406a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
67099dad37d6b5dca3207f98cf308e0f1eb476c241046c99ba358a20a59c9439
72fccb187adbb7a1a967cd1985646143865c676a7920ce31ed35407ea038bc34
81ab67a50a01c52c9cffc2a0fd8579dd4cbdcd41bb6fe4a7754d2bac02cfad65
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846ad2226689c27566deb3f0335c3b5fc9b14e1f4d0b2cb33b3de1ca40596d64
847a3cb7e19d5081d8cbcea96d9307b6a19e5872f46680080b9a5e85ab3ea10e
879edfcd28304c4db3ad52f87483dea3affc75bec0a46509789153c158690d45
8f0ae9bcde0f14ec7451da60379abcf950c54ddbc9e779486df93253792dc3e5
968d8608b6da81156d86a1aa91922eeb2f2070e24aa12deacb63cb20ac5174b8
98c0c8d531d697f17a823873c83adfb44ae543519b31a3cea5d1cdd265a7e8ed
99c5448d6c84fc71d6805e2485727db250113edcaea123a064f8c26ce95947d8
9e8c6b2273e342b052d1d430cdaca0f488c74906f336dc8f24b892e9b56f8e8f
a3d669b687929b3aa777fdd2c400c2b8c6b794978536a64d7e1f71edcf8037e8
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
aa2d1872ddddc331541f20e0e20578f9013cbc555461f18e6408af5a5f497b42
aebca5101a101efd1a081aa0eaf35f9867aa3eb5ee7c9dd904dca5c2cf8edbe3
b7a401a199a95276f34c08f12596c8a032ce12ad28529d291b3667acd256cbcd
bffcc94c3d87e9a3cddab7905a2edfadf551234aaed68759991df8bd3d6fdae7
c21423fd82c48fbf421faae4f864ce0c31a1ab8f76886d819c71e149b5c09d35
cc564dcd36d047db6081bc719ea7a4a7fc5d2da954cff52b5302488619460e66
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d07dd88a71f1c7c43e6e8baea729192ebf7fea74113f7aff30d49640be76fa01
d9379448ca2bec7d3154d1498abcc277d9888045d9aa94c37780eeb9b16d9ec2
e1146e3fc558764f04c8db0de5c934bc59812a4e86594bd33ccd466dd39aa793
eacb0667ab0b3b2bf3709448351d1cf4abf76aaa0febd955cafa892408cfc421
ef1ed6a034a5055a869c7c25765ee1f2844a27a54e83e8a857d77b3f1cd83dd3
f0b9a9e4ea994c106a4fc595828ca1332b2cd0435d5d159d26d1773344d97367
f40f76c13e2b3621084d79f360516248039774460e9b88d5180e9d2333bacdd7
f46a9ff68981345f1179dbf58bd2119393f167c0551276d1c6bef9bc7f5108b8
f57137897a4e676f0d2199b79def1a95b253a1a938dff9d8ba10519f3beb2b08