403 Is it returned by destination host or cloudflare?

we are experiencing the issue with http status returned by our partner API (i.e. api.host.com)
Our partner said to us there is no block in any place in their system (*.host.com) …
… in the same time using the same IP address we can use their website (host.com) that is connecting to (api subdomain) without issues.

Is there any option to check in the returned headers if cloudflare is blocking us?

“Cache-control”: [
" private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0\r"
“Content-Type”: " text/plain; charset=UTF-8\r",
“date”: " Wed, 05 May 2021 11:23:41 GMT\r",
“content-length”: " 16\r",
“x-frame-options”: " SAMEORIGIN\r",
“expires”: " Thu, 01 Jan 1970 00:00:01 GMT\r",
“set-cookie”: " __cfduid=d26ad24ef1d359b9c780494466ae4756a1620213821; expires=Fri, 04-Jun-21 11:23:41 GMT; path=/; domain=.bitazza.com; HttpOnly; SameSite=Lax; Secure\r",
“cf-request-id”: " 09ddde081700000009c11a6000000001\r",
“expect-ct”: " max-age=604800, report-uri=“reporturl link”\r",
“strict-transport-security”: " max-age=15552000; includeSubDomains; preload\r",
“x-content-type-options”: " nosniff\r",
“server”: " cloudflare\r",
“cf-ray”: " 64a999202a300009-WAW"

A 403 could come from either. If it’s coming from Cloudflare, it will show up in the owner’s Firewall Events Log. If it’s coming from the origin, it would be in their server log.

This topic was automatically closed 5 days after the last reply. New replies are no longer allowed.