Submitted URL: http://mail01.tinyletterapp.com/DrTheja/dr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship/11843541-medium.com/drthejavedicastrologer/shimla-5f6b1e7eb83?c=b401c069-eedb-49c0-b4cd-ad4427f5a121
Effective URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Submission: On June 13 via manual from AU

Summary

This website contacted 6 IPs in 1 countries across 4 domains to perform 72 HTTP transactions.
The main IP is 104.16.124.127, located in San Francisco, United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is medium.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on June 1st 2017. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 52.222.149.24 16509 (AMAZON-02)
8 104.16.124.127 13335 (CLOUDFLAR...)
10 104.16.119.145 13335 (CLOUDFLAR...)
2 172.217.23.174 15169 (GOOGLE)
8 52.71.85.235 14618 (AMAZON-AES)
72 6
Domain
Subdomains
Transfer
18 medium.com
cdn-images-1.medium.com Failed
1 MB
8 lightstep.com
2 KB
2 google-analytics.com
14 KB
1 tinyletterapp.com
703 B
72 4
Domain Requested by
8 collector-medium.lightstep.com cdn-static-1.medium.com
medium.com
8 medium.com medium.com
cdn-static-1.medium.com
6 cdn-images-1.medium.com medium.com
medium.com
medium.com
medium.com
medium.com
medium.com
medium.com
4 cdn-static-1.medium.com medium.com
cdn-static-1.medium.com
2 www.google-analytics.com medium.com
1 mail01.tinyletterapp.com
72 6

This site contains links to these domains. Also see Links.

Domain
youtu.be
Subject / Issuer Validity Valid
medium.com
DigiCert SHA2 Extended Validation Server CA
2017-06-01 -
2019-08-30
2 years
*.medium.com
DigiCert SHA2 Secure Server CA
2015-05-21 -
2018-08-18
3 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /medium\.com/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /AmazonS3/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

72 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
shimla-5f6b1e7eb83?c=b401c069-eedb-49c0-b4cd-ad4427f5a121
mail01.tinyletterapp.com/DrTheja/dr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship/11843541-medium.com/drthejavedicastrologer
247 B
703 B
Document
General
Full URL
http://mail01.tinyletterapp.com/DrTheja/dr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship/11843541-medium.com/drthejavedicastrologer/shimla-5f6b1e7eb83?c=b401c069-eedb-49c0-b4cd-ad4427f5a121
Protocol
HTTP/1.1
Server
52.222.149.24 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-222-149-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Host
mail01.tinyletterapp.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
F88AA6F804978B9291EE845DAC93A848

Response headers

Content-Type
text/html
Content-Length
247
Connection
keep-alive
Date
Wed, 13 Jun 2018 03:01:58 GMT
Last-Modified
Wed, 13 Jun 2018 02:40:08 GMT
ETag
"aa869a7897793f94fbf1fa501e7236a6"
Cache-Control
max-age=3600
Accept-Ranges
bytes
Server
AmazonS3
X-Cache
Miss from cloudfront
Via
1.1 a56a2e7149e67774870adaf614e87aa1.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wlH040mnkG7jX0tfE0qFMpVYkVY6-T-Mb8kE172YSbQyBVOPTrpjLg==
shimla-5f6b1e7eb83
/@drthejavedicastrologer
110 KB
29 KB
Document
General
Full URL
https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
45428355d6aad9a3aac0696c963a1e368902705e0406cb8b9f8003eccfd7ddb5
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://*.paypal.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
medium.com
:scheme
https
:path
/@drthejavedicastrologer/shimla-5f6b1e7eb83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://mail01.tinyletterapp.com/DrTheja/dr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship/11843541-medium.com/drthejavedicastrologer/shimla-5f6b1e7eb83?c=b401c069-eedb-49c0-b4cd-ad4427f5a121
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
F88AA6F804978B9291EE845DAC93A848
Referer
http://mail01.tinyletterapp.com/DrTheja/dr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship/11843541-medium.com/drthejavedicastrologer/shimla-5f6b1e7eb83?c=b401c069-eedb-49c0-b4cd-ad4427f5a121

Response headers

status
200
date
Wed, 13 Jun 2018 03:01:57 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; expires=Thu, 13-Jun-19 03:01:57 GMT; path=/; domain=.medium.com; HttpOnly uid=lo_qvCWAmMQOYLW; Expires=Thu, 13-Jun-19 03:01:57 GMT; Domain=.medium.com; Path=/; Secure; HttpOnly sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; path=/; expires=Thu, 13 Jun 2019 03:01:57 GMT; domain=.medium.com; secure; httponly
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://*.paypal.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
x-frame-options
sameorigin
x-content-type-options
nosniff
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
x-powered-by
Medium
x-obvious-tid
1528858917189:3e99653473a8
x-obvious-info
34037-a8902e9,a8902e926ed
link
<https://medium.com/humans.txt>; rel="humans"
cache-control
no-cache, no-store, max-age=0, must-revalidate
expires
Thu, 09 Sep 1999 09:09:09 GMT
pragma
no-cache
tk
T
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
42a150c81f9c26a8-FRA
main-branding-base.CwNpvScCa0CMxea_q-b_hA.css
cdn-static-1.medium.com/_/fp/css
461 KB
62 KB
Stylesheet
General
Full URL
https://cdn-static-1.medium.com/_/fp/css/main-branding-base.CwNpvScCa0CMxea_q-b_hA.css
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab6d95a87dcaa592371baaf273b78e0e404a51240779f7f950cc8226b9373db1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_/fp/css/main-branding-base.CwNpvScCa0CMxea_q-b_hA.css
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
cdn-static-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
10A40842C1BF65F7
status
200
vary
Accept-Encoding
content-length
63463
x-amz-id-2
6m+v/ZJfmreD6rGzraGNY5PGuiu96ofL40vxxV5jh/n/0WLywr6+SXlyNdP/zB7TX75XAnv99Lo=
last-modified
Sat, 09 Jun 2018 00:08:13 GMT
server
cloudflare
etag
"8af5f9ffa60a0a10a72b437a9b10d52b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
42a150ca8a9a2330-FRA
expires
Thu, 13 Jun 2019 03:01:57 GMT
Adblocked analytics.js
www.google-analytics.com
34 KB
14 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
172.217.23.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
350
date
Wed, 13 Jun 2018 02:56:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Wed, 13 Jun 2018 04:56:07 GMT
0*pMNjXaNnlWviMCkM.
cdn-images-1.medium.com/fit/c/80/80
3 KB
4 KB
Image
General
Full URL
https://cdn-images-1.medium.com/fit/c/80/80/0*pMNjXaNnlWviMCkM.
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
874611b3d4595ea6f3616c4c0bd375a20a73da482fb108e29da14941f15f35e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/fit/c/80/80/0*pMNjXaNnlWviMCkM.
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:57 GMT
x-content-type-options
nosniff
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3167-6a77fb9
status
200
content-length
3453
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, must-revalidate, max-age=2592000
accept-ranges
bytes
cf-ray
42a150ca9aa22330-FRA
expires
Fri, 13 Jul 2018 03:01:57 UTC
1*XbObb7JOh2J7skCAOY-gng.jpeg
cdn-images-1.medium.com/max/400
103 KB
103 KB
Image
General
Full URL
https://cdn-images-1.medium.com/max/400/1*XbObb7JOh2J7skCAOY-gng.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
1c63336f73c45920609d2bf8ac9053d8ecb95795801fcbee7898e53744f45185
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/max/400/1*XbObb7JOh2J7skCAOY-gng.jpeg
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3166-041fd4b
status
200
vary
Accept-Encoding
content-length
105716
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
42a150cb5ac02330-FRA
expires
Fri, 13 Jul 2018 03:01:58 GMT
1*Hy2deEK2jVpA4kJvi8nHDA.jpeg
cdn-images-1.medium.com/max/1200
0
0

1*9OwPNdESWZGMxjkRhxXP9A.jpeg
cdn-images-1.medium.com/max/1200
310 KB
310 KB
Image
General
Full URL
https://cdn-images-1.medium.com/max/1200/1*9OwPNdESWZGMxjkRhxXP9A.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
22b2f84d2e19d9886b159470967c936df86b63cdbb5f4c187b4552a5bcd87420
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/max/1200/1*9OwPNdESWZGMxjkRhxXP9A.jpeg
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3166-041fd4b
status
200
vary
Accept-Encoding
content-length
317153
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
42a150cb5ac22330-FRA
expires
Fri, 13 Jul 2018 03:01:58 GMT
1*fN8RyJxlHlcAJ-mugcyPvQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*iYWZcjaO2HQbnx4Q6PUfGA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*t0IBw4LIvicW7_hfNEIDMA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*p2peo6xoQM93tNkohG8_ow.jpeg
cdn-images-1.medium.com/max/800
0
0

1*KfkYc7tLixfyP6lA5UvVXw.jpeg
cdn-images-1.medium.com/max/800
0
0

1*gN_MjvKUTbGrNh_BYlpt-w.jpeg
cdn-images-1.medium.com/max/800
0
0

1*B9DZBMFIHY33IY51IqbwTg.jpeg
cdn-images-1.medium.com/max/800
170 KB
171 KB
Image
General
Full URL
https://cdn-images-1.medium.com/max/800/1*B9DZBMFIHY33IY51IqbwTg.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
9c95de7d27025433ecc42026e2698ff0bd640c811a3b7a9a6e4a92de7f07b549
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/max/800/1*B9DZBMFIHY33IY51IqbwTg.jpeg
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3167-6a77fb9
status
200
vary
Accept-Encoding
content-length
174476
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
42a150cbaad52330-FRA
expires
Fri, 13 Jul 2018 03:01:58 GMT
1*isLL0uKG3FgButaevZX9hw.jpeg
cdn-images-1.medium.com/max/800
150 KB
151 KB
Image
General
Full URL
https://cdn-images-1.medium.com/max/800/1*isLL0uKG3FgButaevZX9hw.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
532a470f2d2de8ab09bba6a5deb0541321938cf5be2a766f6a162839a34a031a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/max/800/1*isLL0uKG3FgButaevZX9hw.jpeg
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3167-6a77fb9
status
200
vary
Accept-Encoding
content-length
154087
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
42a150cbaada2330-FRA
expires
Fri, 13 Jul 2018 03:01:58 GMT
1*JoeTEvOCY2T0JNyCUdqEFg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*qKU5CozEgwK5zStGEL3khw.jpeg
cdn-images-1.medium.com/max/1200
0
0

1*EnnvjjEnG8IDV8M8_CkW6Q.jpeg
cdn-images-1.medium.com/max/800
0
0

1*sGQmhljLgKlgq9fRk_E11g.jpeg
cdn-images-1.medium.com/max/800
0
0

1*wBm2_S8Jn6ijnKQKqJOzCg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*xpQU1sP_xfGabGk9HIaueQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*6W7OYX4KADUhT4nrfB9Llg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*Nxcu5n4iVlORPvVVHlbZTQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*qY1NxPF1x9RnXaRgYmF8yQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*ZwbV9tlsRDk4UrTCgqEDTQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*MPRDb7-sbKPU8ZJ8bcfCWQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*N27Ne5rxM5MLyxhb8xUjhA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*TIpC6x5DF_jMybRrShGnvA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*F-8yNBdaJeFBnhoN56PlBQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*Ic5_5fml4dW_mx3Dw_BwSw.jpeg
cdn-images-1.medium.com/max/800
0
0

1*h5E_hdKU2CXJkN_RCGqCfA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*KQPNlCWLLiMK8X84wn2yFQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*3vvM95HUIUE7MRYnuH1BQg.jpeg
cdn-images-1.medium.com/max/1200
0
0

1*b97S20T-PuPZ6BGNz2b2lA.jpeg
cdn-images-1.medium.com/max/800
0
0

1*VLEbKqraFtbwPbUtSiKiTg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*P4HHvjyV5mJ1PYyVWtMh6g.jpeg
cdn-images-1.medium.com/max/800
0
0

1*Jt5EVk6fb7tJgUbgq36tkw.jpeg
cdn-images-1.medium.com/max/800
0
0

1*1qY3qEndE10RyKFKHpAZqg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*NgDslX46d0GV6teovWNV4Q.jpeg
cdn-images-1.medium.com/max/800
0
0

1*YifDCjqflFb4y_SahE8Ryg.jpeg
cdn-images-1.medium.com/max/800
0
0

1*5b6fMggBj7AK9MI3NnwVNg.jpeg
cdn-images-1.medium.com/max/1200
0
0

1*gwnaaj9bBfeW5LZV4xMb6g.jpeg
cdn-images-1.medium.com/max/1200
0
0

1*wAcZifvT7r0-mt5QvD-GOQ.jpeg
cdn-images-1.medium.com/max/800
0
0

1*mezjyfY0b3g5M_Xet5J37w.jpeg
cdn-images-1.medium.com/max/1600
0
0

0*pMNjXaNnlWviMCkM.
cdn-images-1.medium.com/fit/c/120/120
0
0

main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
cdn-static-1.medium.com/_/fp/gen-js
1 MB
329 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96bdf9ecffdc4892f0e5ce0ad8a1b70479539dc1b9408db23002533b9b651fff
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn-static-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
CB1F28FB37F1D4E4
status
200
vary
Accept-Encoding
content-length
335909
x-amz-id-2
GSI1GJA5QcNg1lc1enJCuj0XKJOgwi1WtDTnZ5AUrelsOi2zb8X99KrFR44e9v+kLs6jW/ypJ1s=
last-modified
Tue, 12 Jun 2018 21:38:17 GMT
server
cloudflare
etag
"273191b114c7d2cf83576cb4be97d94e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
42a150cb5ac52330-FRA
expires
Thu, 13 Jun 2019 03:01:57 GMT
Verified Adblocked stat?event=pixel.load&origin=https%3A%2F%2Fmedium.com
/_
43 B
159 B
Image
General
Full URL
https://medium.com/_/stat?event=pixel.load&origin=https%3A%2F%2Fmedium.com
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Verified resource
diva.js/3.1.0/img/blank.gif at cdnjs.com, project diva.js
extjs/4.2.1/resources/ext-theme-gray/images/grid/grid3-rowheader.gif at cdnjs.com, project extjs
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://*.paypal.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/_/stat?event=pixel.load&origin=https%3A%2F%2Fmedium.com
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1528858917997:2c78df2f4c08
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
default-src 'self'; connect-src https://localhost https://*.instapaper.com https://*.stripe.com https://*.paypal.com https://getpocket.com https://medium.com:443 https://*.medium.com:443 https://*.medium.com https://medium.com https://*.medium.com https://*.algolia.net https://cdn-static-1.medium.com https://dnqgz544uhbo8.cloudfront.net https://cdn-videos-1.medium.com https://cdn-audio-1.medium.com https://*.lightstep.com https://app.zencoder.com 'self'; font-src data: https://*.amazonaws.com https://*.medium.com https://glyph.medium.com https://medium.com https://*.gstatic.com https://dnqgz544uhbo8.cloudfront.net https://use.typekit.net https://cdn-static-1.medium.com 'self'; frame-src chromenull: https: webviewprogressproxy: medium: 'self'; img-src blob: data: https: 'self'; media-src https://*.cdn.vine.co https://d1fcbxp97j4nb2.cloudfront.net https://d262ilb51hltx0.cloudfront.net https://*.medium.com https://gomiro.medium.com https://miro.medium.com https://pbs.twimg.com 'self' blob:; object-src 'self'; script-src 'unsafe-eval' 'unsafe-inline' about: https: 'self'; style-src 'unsafe-inline' data: https: 'self'; report-uri https://csp.medium.com
cf-ray
42a150cb589926a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
Adblocked collect?v=1&_v=j68&a=724432482&t=pageview&_s=1&dl=https%3A%2F%2Fmedium.com%2F%40drthejavedicastrologer%2Fshimla-5f6b1e7eb83&dr=http%3A%2F%2Fmail01.tinyletterapp.com%2FDrTheja%2Fdr-theja-an-excellen...
www.google-analytics.com/r
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=724432482&t=pageview&_s=1&dl=https%3A%2F%2Fmedium.com%2F%40drthejavedicastrologer%2Fshimla-5f6b1e7eb83&dr=http%3A%2F%2Fmail01.tinyletterapp.com%2FDrTheja%2Fdr-theja-an-excellent-period-for-travel-educational-endeavors-teaching-romance-and-relationship%2F11843541-medium.com%2Fdrthejavedicastrologer%2Fshimla-5f6b1e7eb83%3Fc%3Db401c069-eedb-49c0-b4cd-ad4427f5a121&ul=en-us&de=UTF-8&dt=Shimla%20%E2%80%93%20DrTheja%20Vedic%20Astrologer%20%E2%80%93%20Medium&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=929125444&gjid=1316924031&cid=1426476980.1528858918&tid=UA-24232453-2&_gid=1266171604.1528858918&_r=1&z=97150304
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
172.217.23.174 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f174.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 13 Jun 2018 03:01:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
main-common-async.bundle.CUGDYgOEQbuOGl-hZag1nw.js
cdn-static-1.medium.com/_/fp/gen-js
652 KB
179 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-common-async.bundle.CUGDYgOEQbuOGl-hZag1nw.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b17e31824e7690c85f759a6f06078b5cbe43371bbbe1ad0af97b9318dad5c4fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_/fp/gen-js/main-common-async.bundle.CUGDYgOEQbuOGl-hZag1nw.js
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn-static-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
F99740C8E97D420D
status
200
vary
Accept-Encoding
content-length
182601
x-amz-id-2
UxkCEMtzZfs6ynqTWG5hJ+h98+0nBUUJUDS5AWe0HPD3/+AV5o7m+Qi4D13/RiuIWlce7+4eJjw=
last-modified
Tue, 12 Jun 2018 17:08:29 GMT
server
cloudflare
etag
"299e331b855f9a534af1e113c4c481e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
42a150cc9b092330-FRA
expires
Thu, 13 Jun 2019 03:01:57 GMT
upvotes
/p/5f6b1e7eb83
171 B
275 B
XHR
General
Full URL
https://medium.com/p/5f6b1e7eb83/upvotes
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
24f32986c749ecdcd5665ced506577da9a39ee2270223af93e9dd34fe333bae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069
x-xsrf-token
1
accept-encoding
gzip, deflate
x-obvious-cid
web
:path
/p/5f6b1e7eb83/upvotes
pragma
no-cache
x-client-date
1528858917872
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
x-opentracing
{"ot-tracer-spanid":"1914f489a13ece","ot-tracer-traceid":"00fa3c3870c77649","ot-tracer-sampled":"true"}
:method
GET
x-opentracing
{"ot-tracer-spanid":"1914f489a13ece","ot-tracer-traceid":"00fa3c3870c77649","ot-tracer-sampled":"true"}
X-Client-Date
1528858917872
X-XSRF-Token
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://medium.com/
X-Obvious-CID
web

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1528858917927:cf96acf868f4
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150ccb94c26a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
main-notes.bundle.2oTCRVNAceml2LOsVGkqrw.js
cdn-static-1.medium.com/_/fp/gen-js
83 KB
28 KB
Script
General
Full URL
https://cdn-static-1.medium.com/_/fp/gen-js/main-notes.bundle.2oTCRVNAceml2LOsVGkqrw.js
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5341c948efa34bb2b5f6c3c242c4d16c3e38a17b229a4f3162493ba8ef22f33b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/_/fp/gen-js/main-notes.bundle.2oTCRVNAceml2LOsVGkqrw.js
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdn-static-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
64C631391520A9BD
status
200
vary
Accept-Encoding
content-length
28089
x-amz-id-2
Oxa8r9jXtARCQ+vZqqoPHbUbLM+vxEVm4LwJKJSm5JMQJBJFyboORTHbjY+8dTO73wiJGHNUTvw=
last-modified
Tue, 12 Jun 2018 17:08:29 GMT
server
cloudflare
etag
"672d2b12affe1123f8d7740925bbf3c4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
42a150cd3b212330-FRA
expires
Thu, 13 Jun 2019 03:01:57 GMT
meter
/_/api/posts
238 B
405 B
XHR
General
Full URL
https://medium.com/_/api/posts/meter
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
11204c446b0e6fcf7a37832b892fc1c9b1758b86ebfe754e79a41b65e35d96cf
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069; sz=1585; pr=1; tz=0; mpids=5f6b1e7eb83
origin
https://medium.com
x-xsrf-token
1
accept-encoding
gzip, deflate
x-obvious-cid
web
content-length
27
:path
/_/api/posts/meter
pragma
no-cache
x-client-date
1528858917972
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
:method
PUT
X-Client-Date
1528858917972
Origin
https://medium.com
X-XSRF-Token
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://medium.com/
X-Obvious-CID
web

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-opentracing
{"ot-tracer-spanid":"1673098305938c2f","ot-tracer-traceid":"2c258fc2277ce041","ot-tracer-sampled":"true"}
x-obvious-tid
1528858918030:96f307357cc6
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150cd597c26a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
quotes
/p/5f6b1e7eb83
97 B
298 B
XHR
General
Full URL
https://medium.com/p/5f6b1e7eb83/quotes
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
584827ac602e8373a4a5fe46907f1b3440e35dc37f0fe85015abff69b39a53bd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:path
/p/5f6b1e7eb83/quotes
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069; sz=1585; pr=1; tz=0; mpids=5f6b1e7eb83
x-client-date
1528858918132
x-xsrf-token
1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
x-obvious-cid
web
:method
GET
Accept
application/json
X-Client-Date
1528858918132
X-XSRF-Token
1
Referer
https://medium.com/
X-Obvious-CID
web
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-opentracing
{"ot-tracer-spanid":"7877404d4a8a6840","ot-tracer-traceid":"2c1b14e1130bc2a7","ot-tracer-sampled":"true"}
x-obvious-tid
1528858918487:8a032b461b1f
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150ce59af26a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
responses?filter=best
/_/api/posts/5f6b1e7eb83
152 B
241 B
XHR
General
Full URL
https://medium.com/_/api/posts/5f6b1e7eb83/responses?filter=best
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
fcfc7369ea45c2178c31f3e9c67ab964e9230640ba1660791058442f51ea8116
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069; sz=1585; pr=1; tz=0; mpids=5f6b1e7eb83
x-xsrf-token
1
accept-encoding
gzip, deflate
x-obvious-cid
web
:path
/_/api/posts/5f6b1e7eb83/responses?filter=best
pragma
no-cache
x-client-date
1528858918133
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
x-opentracing
{"ot-tracer-spanid":"d1f713875d237","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
:method
GET
x-opentracing
{"ot-tracer-spanid":"d1f713875d237","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
X-Client-Date
1528858918133
X-XSRF-Token
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://medium.com/
X-Obvious-CID
web

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1528858918488:2e1a1e47dc59
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150ce59b726a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
Adblocked reports
collector-medium.lightstep.com/api/v0
0
194 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Access-Control-Request-Method
POST
Origin
https://medium.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type,lightstep-access-token

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
0
responsesStream?filter=best
/_/api/posts/5f6b1e7eb83
115 B
227 B
XHR
General
Full URL
https://medium.com/_/api/posts/5f6b1e7eb83/responsesStream?filter=best
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
e0809799d0edd8879d1fba65b5be04310af8983e05e94b23f4ff3eb5dd420600
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069; sz=1585; pr=1; tz=0; mpids=5f6b1e7eb83
x-xsrf-token
1
accept-encoding
gzip, deflate
x-obvious-cid
web
:path
/_/api/posts/5f6b1e7eb83/responsesStream?filter=best
pragma
no-cache
x-client-date
1528858918382
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
x-opentracing
{"ot-tracer-spanid":"158bd56c39af2d","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
:method
GET
x-opentracing
{"ot-tracer-spanid":"158bd56c39af2d","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
X-Client-Date
1528858918382
X-XSRF-Token
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://medium.com/
X-Obvious-CID
web

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1528858918441:2db7a0e726ff
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150cfea7626a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
Adblocked reports
collector-medium.lightstep.com/api/v0
112 B
310 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
5f87cb68ad3db48c730d22ac037a3638533b1df6c8d805ed6ee64febbb405ad9
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://medium.com/
Origin
https://medium.com
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Wed, 13 Jun 2018 03:01:58 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
112
placements?requestContext%5BpostPageContext%5D%5BpostId%5D=5f6b1e7eb83&requestContext%5BcontextType%5D=postPageContext&slots%5B0%5D%5Blocation%5D=1&slots%5B0%5D%5Bindex%5D=0
/_/api
16 KB
4 KB
XHR
General
Full URL
https://medium.com/_/api/placements?requestContext%5BpostPageContext%5D%5BpostId%5D=5f6b1e7eb83&requestContext%5BcontextType%5D=postPageContext&slots%5B0%5D%5Blocation%5D=1&slots%5B0%5D%5Bindex%5D=0
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.124.127 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Medium
Resource Hash
0612cd8e562e324289dc444911d54b7cda83229b3f27cdb0ebcd6f40d5de76d8
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1; lightstep_guid/medium-web=7812d09849f059d0; lightstep_session_id=350b86b81fd18069; sz=1585; pr=1; tz=0; mpids=5f6b1e7eb83
x-xsrf-token
1
accept-encoding
gzip, deflate
x-obvious-cid
web
:path
/_/api/placements?requestContext%5BpostPageContext%5D%5BpostId%5D=5f6b1e7eb83&requestContext%5BcontextType%5D=postPageContext&slots%5B0%5D%5Blocation%5D=1&slots%5B0%5D%5Bindex%5D=0
pragma
no-cache
x-client-date
1528858918885
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
content-type
application/json
accept
application/json
cache-control
no-cache
:authority
medium.com
referer
https://medium.com/
:scheme
https
x-opentracing
{"ot-tracer-spanid":"1c5816c1182338","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
:method
GET
x-opentracing
{"ot-tracer-spanid":"1c5816c1182338","ot-tracer-traceid":"d231436b340cb","ot-tracer-sampled":"true"}
X-Client-Date
1528858918885
X-XSRF-Token
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json
Accept
application/json
Referer
https://medium.com/
X-Obvious-CID
web

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
Medium
x-obvious-info
34037-a8902e9,a8902e926ed
status
200
x-xss-protection
1; mode=block
x-ua-compatible
IE=edge, Chrome=1
pragma
no-cache
x-obvious-tid
1528858919020:35e06486415c
server
cloudflare
x-frame-options
sameorigin
tk
T
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cf-ray
42a150d30bbb26a8-FRA
link
<https://medium.com/humans.txt>; rel="humans"
expires
Thu, 09 Sep 1999 09:09:09 GMT
1*XbObb7JOh2J7skCAOY-gng.jpeg
cdn-images-1.medium.com/fit/c/40/40
2 KB
2 KB
Image
General
Full URL
https://cdn-images-1.medium.com/fit/c/40/40/1*XbObb7JOh2J7skCAOY-gng.jpeg
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.119.145 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Geomyidae artificij
Resource Hash
92fdecfc486a5651df6c4279dd5e8bad9bc5d93cf0ddbf4ea2384ee62e4717f0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/fit/c/40/40/1*XbObb7JOh2J7skCAOY-gng.jpeg
pragma
no-cache
cookie
__cfduid=dea982203cedb44cc0c87fea6bae8f57e1528858917; uid=lo_qvCWAmMQOYLW; sid=1:R/2Zu+y/Xj98y2xpqt5MBk29+aW4tUle5h6kHaoW41pzoa5dAIozzMOeZspb6Ij4; _ga=GA1.2.1426476980.1528858918; _gid=GA1.2.1266171604.1528858918; _gat=1
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
cdn-images-1.medium.com
referer
https://medium.com/
:scheme
https
:method
GET
Referer
https://medium.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
x-powered-by
Geomyidae artificij
x-obvious-info
16.3, 3166-041fd4b
status
200
vary
Accept-Encoding
content-length
1851
pragma
public
server
cloudflare
etag
"16.3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
42a150d33c612330-FRA
expires
Fri, 13 Jul 2018 03:01:59 GMT
Adblocked reports
collector-medium.lightstep.com/api/v0
0
194 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Access-Control-Request-Method
POST
Origin
https://medium.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type,lightstep-access-token

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
0
Adblocked reports
collector-medium.lightstep.com/api/v0
112 B
310 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
40c4a52111bd1bdc5450d899a496deaf0229bfff88cdbff52a28641f2800dcf9
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://medium.com/
Origin
https://medium.com
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
112
0*pMNjXaNnlWviMCkM.
cdn-images-1.medium.com/fit/c/36/36
0
0

1*RZhsL7vY94abQ08ah1lWYA.png
cdn-images-1.medium.com/fit/c/36/36
0
0

1*u0-HqHu3DJCVtUEMM3U01g.jpeg
cdn-images-1.medium.com/fit/c/36/36
0
0

1*7nHQoUlpvJl80yGVa23yLQ.jpeg
cdn-images-1.medium.com/fit/c/400/120
0
0

1*TVhpKaHPz_Tkz3bpR-RFag.jpeg
cdn-images-1.medium.com/fit/c/400/120
0
0

1*Urju-7sYms0CfO7MPjEjrQ.jpeg
cdn-images-1.medium.com/fit/c/400/120
0
0

Adblocked reports
collector-medium.lightstep.com/api/v0
0
194 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Access-Control-Request-Method
POST
Origin
https://medium.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type,lightstep-access-token

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
0
Adblocked reports
collector-medium.lightstep.com/api/v0
112 B
310 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
0c1435fc673d88433ba8308fc73d5a16d6c2248b9ead74e91509113a2daa0ea6
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://medium.com/
Origin
https://medium.com
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Wed, 13 Jun 2018 03:01:59 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
112
Adblocked reports
collector-medium.lightstep.com/api/v0
0
194 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: cdn-static-1.medium.com
URL: https://cdn-static-1.medium.com/_/fp/gen-js/main-base.bundle.JJAoI7pQm-ynhk0EbNBI2w.js
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Access-Control-Request-Method
POST
Origin
https://medium.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Access-Control-Request-Headers
content-type,lightstep-access-token

Response headers

date
Wed, 13 Jun 2018 03:02:00 GMT
access-control-allow-origin
*
access-control-allow-methods
POST
content-type
text/plain; charset=utf-8
status
200
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
0
Adblocked reports
collector-medium.lightstep.com/api/v0
112 B
310 B
XHR
General
Full URL
https://collector-medium.lightstep.com/api/v0/reports
Requested by
Host: medium.com
URL: https://medium.com/@drthejavedicastrologer/shimla-5f6b1e7eb83
Protocol
SPDY
Server
52.71.85.235 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-71-85-235.compute-1.amazonaws.com
Software
/
Resource Hash
fdfc8ba70050e5685221c82691b0b12fbe120fdde05994a9757009a6f24fbea0
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Referer
https://medium.com/
Origin
https://medium.com
LightStep-Access-Token
ce5be895bef60919541332990ac9fef2
Content-Type
application/json

Response headers

date
Wed, 13 Jun 2018 03:02:00 GMT
status
200
access-control-allow-methods
POST
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
access-control-allow-headers
LightStep-Access-Token, Content-Type
content-length
112

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1200/1*Hy2deEK2jVpA4kJvi8nHDA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*fN8RyJxlHlcAJ-mugcyPvQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*iYWZcjaO2HQbnx4Q6PUfGA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*t0IBw4LIvicW7_hfNEIDMA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*p2peo6xoQM93tNkohG8_ow.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*KfkYc7tLixfyP6lA5UvVXw.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*gN_MjvKUTbGrNh_BYlpt-w.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*JoeTEvOCY2T0JNyCUdqEFg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1200/1*qKU5CozEgwK5zStGEL3khw.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*EnnvjjEnG8IDV8M8_CkW6Q.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*sGQmhljLgKlgq9fRk_E11g.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*wBm2_S8Jn6ijnKQKqJOzCg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*xpQU1sP_xfGabGk9HIaueQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*6W7OYX4KADUhT4nrfB9Llg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*Nxcu5n4iVlORPvVVHlbZTQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*qY1NxPF1x9RnXaRgYmF8yQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*ZwbV9tlsRDk4UrTCgqEDTQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*MPRDb7-sbKPU8ZJ8bcfCWQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*N27Ne5rxM5MLyxhb8xUjhA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*TIpC6x5DF_jMybRrShGnvA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*F-8yNBdaJeFBnhoN56PlBQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*Ic5_5fml4dW_mx3Dw_BwSw.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*h5E_hdKU2CXJkN_RCGqCfA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*KQPNlCWLLiMK8X84wn2yFQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1200/1*3vvM95HUIUE7MRYnuH1BQg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*b97S20T-PuPZ6BGNz2b2lA.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*VLEbKqraFtbwPbUtSiKiTg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*P4HHvjyV5mJ1PYyVWtMh6g.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*Jt5EVk6fb7tJgUbgq36tkw.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*1qY3qEndE10RyKFKHpAZqg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*NgDslX46d0GV6teovWNV4Q.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*YifDCjqflFb4y_SahE8Ryg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1200/1*5b6fMggBj7AK9MI3NnwVNg.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1200/1*gwnaaj9bBfeW5LZV4xMb6g.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/800/1*wAcZifvT7r0-mt5QvD-GOQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/max/1600/1*mezjyfY0b3g5M_Xet5J37w.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/120/120/0*pMNjXaNnlWviMCkM.
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/36/36/0*pMNjXaNnlWviMCkM.
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/36/36/1*RZhsL7vY94abQ08ah1lWYA.png
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/36/36/1*u0-HqHu3DJCVtUEMM3U01g.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/400/120/1*7nHQoUlpvJl80yGVa23yLQ.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/400/120/1*TVhpKaHPz_Tkz3bpR-RFag.jpeg
Domain
cdn-images-1.medium.com
URL
https://cdn-images-1.medium.com/fit/c/400/120/1*Urju-7sYms0CfO7MPjEjrQ.jpeg

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

number| OB_startTime object| OB_loadErrors function| _onerror function| _asyncScript function| _asyncStyles function| ga object| gaplugins object| gaGlobal object| gaData function| obvInit object| GLOBALS object| _mdm object| PLOVR_MODULE_INFO object| PLOVR_MODULE_URIS boolean| PLOVR_MODULE_USE_DEBUG_MODE function| _resizeIframe object| __obv

0 Cookies

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

cdn-images-1.medium.com
cdn-static-1.medium.com
collector-medium.lightstep.com
mail01.tinyletterapp.com
medium.com
www.google-analytics.com

cdn-images-1.medium.com

104.16.119.145
104.16.124.127
172.217.23.174
52.222.149.24
52.71.85.235

0612cd8e562e324289dc444911d54b7cda83229b3f27cdb0ebcd6f40d5de76d8
0c1435fc673d88433ba8308fc73d5a16d6c2248b9ead74e91509113a2daa0ea6
11204c446b0e6fcf7a37832b892fc1c9b1758b86ebfe754e79a41b65e35d96cf
1c63336f73c45920609d2bf8ac9053d8ecb95795801fcbee7898e53744f45185
22b2f84d2e19d9886b159470967c936df86b63cdbb5f4c187b4552a5bcd87420
24f32986c749ecdcd5665ced506577da9a39ee2270223af93e9dd34fe333bae0
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
40c4a52111bd1bdc5450d899a496deaf0229bfff88cdbff52a28641f2800dcf9
45428355d6aad9a3aac0696c963a1e368902705e0406cb8b9f8003eccfd7ddb5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
532a470f2d2de8ab09bba6a5deb0541321938cf5be2a766f6a162839a34a031a
5341c948efa34bb2b5f6c3c242c4d16c3e38a17b229a4f3162493ba8ef22f33b
584827ac602e8373a4a5fe46907f1b3440e35dc37f0fe85015abff69b39a53bd
5f87cb68ad3db48c730d22ac037a3638533b1df6c8d805ed6ee64febbb405ad9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
874611b3d4595ea6f3616c4c0bd375a20a73da482fb108e29da14941f15f35e4
92fdecfc486a5651df6c4279dd5e8bad9bc5d93cf0ddbf4ea2384ee62e4717f0
96bdf9ecffdc4892f0e5ce0ad8a1b70479539dc1b9408db23002533b9b651fff
9c95de7d27025433ecc42026e2698ff0bd640c811a3b7a9a6e4a92de7f07b549
ab6d95a87dcaa592371baaf273b78e0e404a51240779f7f950cc8226b9373db1
b17e31824e7690c85f759a6f06078b5cbe43371bbbe1ad0af97b9318dad5c4fd
e0809799d0edd8879d1fba65b5be04310af8983e05e94b23f4ff3eb5dd420600
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fcfc7369ea45c2178c31f3e9c67ab964e9230640ba1660791058442f51ea8116
fdfc8ba70050e5685221c82691b0b12fbe120fdde05994a9757009a6f24fbea0