blog.bujoli.org Open in urlscan Pro
2a09:8280:1::3:3273  Public Scan

25 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response blog.bujoli.org/	9 KB 4 KB	400ms 150ms	Document text/html	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/b242561f (2023-12-18) / Resource Hash 96e4c84a8d654b91c7c22615246f171c72c5be57ba0b9aae17d26653328272a1 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers cache-control max-age=0, private, must-revalidate content-encoding br content-type text/html; charset=utf-8 date Thu, 21 Dec 2023 20:21:40 GMT etag "1489dea63dfa644198ecd52c2bc9ce6a" fly-request-id 01HJ70MYHZ2ZFS8XV1SXJR1RKQ-mia server Fly/b242561f (2023-12-18) via 2 fly.io x-request-id fc4b98faa8ca52283db7d1b32e460091 x-runtime 0.033760 x-ua-compatible IE=Edge,chrome=1
GET H2	200	css fonts.googleapis.com/	4 KB 1 KB	221ms 71ms	Stylesheet text/css	2607:f8b0:4004:c09::5f GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 404899376784b5104c4ff62fb495a5533a02fd291279dfef2b53f5e070f510ce Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 21 Dec 2023 20:21:40 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 21 Dec 2023 20:08:17 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 21 Dec 2023 20:21:40 GMT
GET H/1.1	200 OK	blog.css phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/	35 KB 35 KB	244ms 90ms	Stylesheet text/css	52.216.207.227 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.207.227 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 1b93465d3fc129e70c76ffb3ef318a203067c98d5436b6787f9eb9a1545e33d1 Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 20:21:41 GMT Last-Modified Fri, 10 Jul 2020 08:53:35 GMT Server AmazonS3 x-amz-request-id FT9K8CXD8VZ8SSHC ETag "1a55cdbb31acf46778066aab124a314e" Content-Type text/css Cache-Control max-age=315576000 Accept-Ranges bytes Content-Length 35553 x-amz-id-2 Kbt2rrN8d0LOwdKL4N9VPZecIVHiUc72P/J6EuRd9Yo1luIZ9IVxDiEOWNfM61R+6SAEYWrJSj8=
GET H2	200	blog-internal-ebf9cc379e51c299993a0f443d1fee65.css blog.bujoli.org/assets/	13 KB 3 KB	77ms 68ms	Stylesheet text/css	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://blog.bujoli.org/assets/blog-internal-ebf9cc379e51c299993a0f443d1fee65.css Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/b242561f (2023-12-18) / Resource Hash f1aef69912f71599a6bb9fc89c0e9d23aaeb9c2949f29e995ac00463169fcbf2 Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 20:21:40 GMT content-encoding br via 2 fly.io last-modified Sat, 18 Nov 2023 17:14:34 GMT server Fly/b242561f (2023-12-18) fly-request-id 01HJ70MYQ60DVN0JKTGSPD5F9A-mia etag W/"325d-6558f0fa.0" content-type text/css cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H/1.1	200 OK	medium_tibocut-profil-logo-black-2016-120px.png phaven-prod.s3.amazonaws.com/files/profile_pic/asset/3121372/JWUx5AqXyLskee06vXprKIQCAM0/	2 KB 3 KB	228ms 92ms	Image image/png	52.216.56.201 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phaven-prod.s3.amazonaws.com/files/profile_pic/asset/3121372/JWUx5AqXyLskee06vXprKIQCAM0/medium_tibocut-profil-logo-black-2016-120px.png Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.56.201 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 21034b58c22dd72c0252a0e2e04af0104760185118437ad80dee48885c3a716e Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 20:21:42 GMT x-amz-version-id CbHEseyE7Ul0AdPwd.Y939tr5YQaeM14 Last-Modified Thu, 21 Dec 2023 17:17:23 GMT Server AmazonS3 x-amz-request-id SK303DVT82Z7B890 ETag "c455f54701d35a610b5fe48862cbea74" x-amz-server-side-encryption AES256 Content-Type image/png Cache-Control max-age=315576000 Accept-Ranges bytes Content-Length 2113 x-amz-id-2 ZuxIMBFfHNQHiDg3LiwSlNWFZtAuq1JEa3T0EULOq0G1JP0jm0Np5W1fVR0zlg4BL0YFakP9cYc=
GET H2	200	widgets.js Show response platform.twitter.com/	91 KB 27 KB	219ms 61ms	Script application/javascript	146.75.28.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets.js Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1 Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 20:21:41 GMT content-encoding gzip x-amz-server-side-encryption AES256 x-cache HIT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" content-length 27597 x-served-by cache-iad-kiad7000053-IAD last-modified Mon, 11 Dec 2023 17:20:28 GMT etag "824beb891744db98ccbd3a456e59e0f7+gzip" vary Accept-Encoding access-control-allow-methods GET content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=1800 accept-ranges bytes tw-cdn FT
GET H2	200	blog-56896baaa1bed614a7389ca92efb3991.js Show response blog.bujoli.org/assets/	372 KB 135 KB	111ms 103ms	Script application/javascript	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://blog.bujoli.org/assets/blog-56896baaa1bed614a7389ca92efb3991.js Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/b242561f (2023-12-18) / Resource Hash de7796072b83d47fce7ad639ef77ac2a750cd7f4dbb038677559235635a6ff9d Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 20:21:40 GMT content-encoding br via 2 fly.io last-modified Sat, 18 Nov 2023 17:14:34 GMT server Fly/b242561f (2023-12-18) fly-request-id 01HJ70MYQ6QW42AARWXS3HH4TG-mia etag W/"5d012-6558f0fa.0" content-type application/javascript cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H/1.1	200 OK	posthaven-tab-1x.png phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/	2 KB 2 KB	72ms 71ms	Image image/png	52.216.207.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/posthaven-tab-1x.png Requested by Host: phthemes.s3.amazonaws.com URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.207.227 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 27ce16190f5e1d36a54c12e8f64b3f166408d2c647a4c2bd56aa62da82753f45 Request headers accept-language en-US,en;q=0.9 Referer https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 20:21:42 GMT Last-Modified Tue, 10 Dec 2019 16:01:16 GMT Server AmazonS3 x-amz-request-id SK32BHM8G8V07WC5 ETag "9527c6f041742b3dc18b2c249b3a693f" Content-Type image/png Cache-Control max-age=315576000 Accept-Ranges bytes Content-Length 1916 x-amz-id-2 c0fnVJKLtxbnTTTYHjnOM+YmoGhXoj1Ij1RG5ivQ/8xzEGHUeegg0pSFljxlMHx8HC1fjEXHUII=
GET H/1.1	200 OK	search.png phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/	3 KB 3 KB	151ms 81ms	Image image/png	52.216.207.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/search.png Requested by Host: phthemes.s3.amazonaws.com URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.207.227 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 1b0ad54756d56c32a08b0b47e4351dbfc48e7382a948189268e5bfd26c9554e6 Request headers accept-language en-US,en;q=0.9 Referer https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 20:21:42 GMT Last-Modified Tue, 10 Dec 2019 16:01:15 GMT Server AmazonS3 x-amz-request-id SK370WRXEP3RHYR1 ETag "d4edd6f1da43ec1d10255ef5edd311b4" Content-Type image/png Cache-Control max-age=315576000 Accept-Ranges bytes Content-Length 2847 x-amz-id-2 lLEWVyMjvzVZPLpCzNOr+DGOdOknbomJTzhQBrvbzjLvPygGjgUeNT13pF4NQqO/N92wHQfind8=
GET H2	200	2sDfZG1Wl4LcnbuKjk0m.woff2 fonts.gstatic.com/s/oxygen/v15/	16 KB 16 KB	260ms 132ms	Font font/woff2	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.bujoli.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 03:21:22 GMT x-content-type-options nosniff age 61219 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16348 x-xss-protection 0 last-modified Mon, 09 May 2022 18:31:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Dec 2024 03:21:22 GMT
GET H/1.1	200 OK	feed14.png phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/	689 B 1 KB	207ms 94ms	Image image/png	52.216.207.227 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/feed14.png Requested by Host: phthemes.s3.amazonaws.com URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.216.207.227 Ashburn, United States, ASN16509 (AMAZON-02, US), Reverse DNS s3-1-w.amazonaws.com Software AmazonS3 / Resource Hash 8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8 Request headers accept-language en-US,en;q=0.9 Referer https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Thu, 21 Dec 2023 20:21:42 GMT Last-Modified Tue, 10 Dec 2019 16:01:15 GMT Server AmazonS3 x-amz-request-id SK3EWATEYZ6BDVH2 ETag "2168a573d0d45bd2f9a89b8236453d61" Content-Type image/png Cache-Control max-age=315576000 Accept-Ranges bytes Content-Length 689 x-amz-id-2 7cBgllp14zKczL0oDiZESvebiZQfzMnhqBNhceEsu8I/6BeTYhMvVzR6vkomseh1b17ozovIdpU=
GET H2	200	wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 fonts.gstatic.com/s/crimsontext/v19/	25 KB 25 KB	274ms 149ms	Font font/woff2	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.bujoli.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 03:13:13 GMT x-content-type-options nosniff age 61708 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 25184 x-xss-protection 0 last-modified Tue, 24 May 2022 18:26:18 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Dec 2024 03:13:13 GMT
GET H2	200	2sDcZG1Wl4LcnbuCJW8zaGW5.woff2 fonts.gstatic.com/s/oxygen/v15/	15 KB 16 KB	184ms 60ms	Font font/woff2	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.bujoli.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 03:39:09 GMT x-content-type-options nosniff age 60152 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15792 x-xss-protection 0 last-modified Mon, 09 May 2022 18:30:32 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Dec 2024 03:39:09 GMT
GET H2	200	2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 fonts.gstatic.com/s/oxygen/v15/	16 KB 16 KB	200ms 77ms	Font font/woff2	2607:f8b0:4004:c09::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://blog.bujoli.org accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 21 Dec 2023 03:36:13 GMT x-content-type-options nosniff age 60328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16172 x-xss-protection 0 last-modified Mon, 09 May 2022 18:30:51 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 20 Dec 2024 03:36:13 GMT
GET H2	200	cs.json Show response blog.bujoli.org/posthaven/	115 B 485 B	98ms 97ms	XHR application/json	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://blog.bujoli.org/posthaven/cs.json?pids=2065048&counter=site-17223 Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/assets/blog-56896baaa1bed614a7389ca92efb3991.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/b242561f (2023-12-18) / Resource Hash 8549e3ee17016bd20a6fddb279b28cdd84dd2f01c3e60cd92d3582e6c36315f4 Request headers Accept */* Referer https://blog.bujoli.org/ X-Requested-With XMLHttpRequest accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-runtime 0.014237 date Thu, 21 Dec 2023 20:21:40 GMT content-encoding br via 2 fly.io fly-request-id 01HJ70MZ3NGSG7YHKT6HYJBEW0-mia server Fly/b242561f (2023-12-18) etag "15d87ce085d75753e4172a482bd198da" content-type application/json; charset=utf-8 cache-control max-age=0, private, must-revalidate x-request-id 08b8ac3a7ab4aea60bb42eb0caa2c377 x-ua-compatible IE=Edge,chrome=1
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	191ms 58ms	Script text/javascript	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Thu, 21 Dec 2023 19:13:05 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 4116 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Thu, 21 Dec 2023 21:13:05 GMT
GET H2	200	check.js Show response posthaven.com/xd/	0 237 B	181ms 101ms	Script text/javascript	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://posthaven.com/xd/check.js?hostname=blog.bujoli.org&_=1703190100997 Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/assets/blog-56896baaa1bed614a7389ca92efb3991.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/b242561f (2023-12-18) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-runtime 0.013823 date Thu, 21 Dec 2023 20:21:40 GMT content-encoding br via 2 fly.io fly-request-id 01HJ70MZ9GZ4AECRRPSY8J380D-mia server Fly/b242561f (2023-12-18) content-type text/javascript; charset=utf-8 cache-control no-cache x-request-id f8655f9475052fdd04be08b28b30d1b2 x-ua-compatible IE=Edge,chrome=1
GET H2	200	widget_iframe.2f70fb173b9000da126c79afe2098f02.html Show response platform.twitter.com/widgets/ Frame 1AC0	319 KB 103 KB	63ms 61ms	Document text/html	146.75.28.157 FASTLY
General Check archive.org Show headers Download Go to Full URL https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.bujoli.org Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 146.75.28.157 Ashburn, United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18 Request headers Referer https://blog.bujoli.org/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes access-control-allow-methods GET access-control-allow-origin * cache-control public, max-age=315360000 content-encoding gzip content-length 105429 content-type text/html; charset=utf-8 date Thu, 21 Dec 2023 20:21:41 GMT etag "81267302efdfb3e4524a22631a8fc99e+gzip" last-modified Mon, 11 Dec 2023 17:19:49 GMT p3p CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT" tw-cdn FT vary Accept-Encoding x-amz-server-side-encryption AES256 x-cache HIT x-served-by cache-iad-kiad7000053-IAD
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	68ms 66ms	Image image/gif	2607:f8b0:4004:c09::61 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1717541927&utmhn=blog.bujoli.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Bujoli.org&utmhid=1287493852&utmr=-&utmp=%2F&utmht=1703190101368&utmac=UA-38525690-2&utmcc=__utma%3D166453869.696649551.1703190101.1703190101.1703190101.1%3B%2B__utmz%3D166453869.1703190101.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=961980606&utmredir=1&utmu=qgAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: blog.bujoli.org URL: https://blog.bujoli.org/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4004:c09::61 Ashburn, United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-US,en;q=0.9 Referer https://blog.bujoli.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Thu, 21 Dec 2023 20:21:41 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	settings Show response syndication.twitter.com/ Frame 1AC0	870 B 659 B	163ms 55ms	Fetch application/json	104.244.42.8 TWITTER
General Check archive.org Show headers Download Go to Full URL https://syndication.twitter.com/settings?session_id=ec2227a624ccb5584b3932392879592d84359a40 Requested by Host: platform.twitter.com URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fblog.bujoli.org Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.244.42.8 , United States, ASN13414 (TWITTER, US), Reverse DNS Software tsa_b / Resource Hash 8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94 Security Headers Name Value Strict-Transport-Security max-age=631138519 Request headers accept-language en-US,en;q=0.9 Referer https://platform.twitter.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-response-time 8 date Thu, 21 Dec 2023 20:21:41 GMT content-encoding gzip strict-transport-security max-age=631138519 last-modified Thu, 21 Dec 2023 20:21:41 GMT server tsa_b vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://platform.twitter.com x-transaction-id 25f62a9ca7c4b772 cache-control must-revalidate, max-age=600 access-control-allow-credentials true perf 7469935968 x-connection-hash 8f46917f31118f64611c98d3a5d82e79963a5f822b6179fc0ffda1ace7548f07 content-length 338

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| documentPictureInPicture object| Posthaven function| jQuery object| _gaq object| __twttrll object| twttr object| __twttr object| _gat object| gaGlobal

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			blog.bujoli.org/	1969-12-31 23:59:59	Name: _posthaven_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTZmMDNlM2MzM2FjZDYxYzQ4ODRlZDljYWQwYTk2YzZlBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMWhxL2c4Q1EyT1JDWmlQUUpYdlZSTjcyMDJlQzlUaW9yaDNxa2EySnNPVVU9BjsARg%3D%3D--b396fdd20dbdc4173275bf96f164d257841887b1
			.blog.bujoli.org/	1970-01-21 02:42:30	Name: __utma Value: 166453869.696649551.1703190101.1703190101.1703190101.1
			.blog.bujoli.org/	1969-12-31 23:59:59	Name: __utmc Value: 166453869
			.blog.bujoli.org/	1970-01-20 21:29:18	Name: __utmz Value: 166453869.1703190101.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.blog.bujoli.org/	1970-01-20 17:06:30	Name: __utmt Value: 1
			.blog.bujoli.org/	1970-01-20 17:06:31	Name: __utmb Value: 166453869.1.10.1703190101

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.bujoli.org
fonts.googleapis.com
fonts.gstatic.com
phaven-prod.s3.amazonaws.com
phthemes.s3.amazonaws.com
platform.twitter.com
posthaven.com
ssl.google-analytics.com
syndication.twitter.com
104.244.42.8
146.75.28.157
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c09::61
2a09:8280:1::3:3273
52.216.207.227
52.216.56.201
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
1b0ad54756d56c32a08b0b47e4351dbfc48e7382a948189268e5bfd26c9554e6
1b93465d3fc129e70c76ffb3ef318a203067c98d5436b6787f9eb9a1545e33d1
21034b58c22dd72c0252a0e2e04af0104760185118437ad80dee48885c3a716e
27ce16190f5e1d36a54c12e8f64b3f166408d2c647a4c2bd56aa62da82753f45
404899376784b5104c4ff62fb495a5533a02fd291279dfef2b53f5e070f510ce
538c7067580f457dd3dd98ebaabeb19405c12bdd01674d3db8fd9948ee73c862
5740bce57f68562d42e8ca6f6eb70dca3bc33be11ef0361e78274d360f41adc9
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8549e3ee17016bd20a6fddb279b28cdd84dd2f01c3e60cd92d3582e6c36315f4
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8
96e4c84a8d654b91c7c22615246f171c72c5be57ba0b9aae17d26653328272a1
9e64f128d5352d04ea5c87031e4cf1ad204b72a0afb003ece52eeb997d28a570
c5c877b2f70eaa51b17f81150decd43027fec02788fec5719be6befb12af115f
de7796072b83d47fce7ad639ef77ac2a750cd7f4dbb038677559235635a6ff9d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1aef69912f71599a6bb9fc89c0e9d23aaeb9c2949f29e995ac00463169fcbf2