bba.winstonsmith.org Open in urlscan Pro
95.216.25.71  Public Scan

12 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response bba.winstonsmith.org/	16 KB 6 KB	221ms 32ms	Document text/html	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bba.winstonsmith.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash fa43d562a91bedff22448e97d350d96ccedb455bc11b38aa9c778c7ec5cb2d62 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers content-encoding gzip content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' content-type text/html date Mon, 20 Feb 2023 08:33:32 GMT etag W/"5b1a1145-3ec9" last-modified Fri, 08 Jun 2018 05:16:53 GMT referrer-policy strict-origin server nginx vary Accept-Encoding x-content-type-options nosniff x-download-options noopen x-frame-options sameorigin x-permitted-cross-domain-policies none x-xss-protection 1; mode=block
GET H2	200	hermes.css bba.winstonsmith.org/	7 KB 7 KB	34ms 34ms	Stylesheet text/css	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://bba.winstonsmith.org/hermes.css Requested by Host: bba.winstonsmith.org URL: https://bba.winstonsmith.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash ed1bf911dad567029ceb53dc05fd50db68d6e74ac311006299bca89b466ea257 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://bba.winstonsmith.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 08:33:32 GMT content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 6803 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Sat, 19 May 2018 13:20:46 GMT server nginx etag "5b0024ae-1a93" x-download-options noopen x-frame-options sameorigin content-type text/css cache-control max-age=86400 accept-ranges bytes expires Tue, 21 Feb 2023 08:33:32 GMT
GET H2	200	bba_camera.png bba.winstonsmith.org/img/	19 KB 19 KB	68ms 68ms	Image image/png	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bba.winstonsmith.org/img/bba_camera.png Requested by Host: bba.winstonsmith.org URL: https://bba.winstonsmith.org/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash b77107d0506217e6cc228693c4998dea43ebfca44c3744c25ce1be0c54222c2c Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://bba.winstonsmith.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 08:33:32 GMT content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 19063 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Wed, 06 Jun 2018 13:24:10 GMT server nginx etag "5b17e07a-4a77" x-download-options noopen x-frame-options sameorigin content-type image/png cache-control max-age=86400 accept-ranges bytes expires Tue, 21 Feb 2023 08:33:32 GMT
GET H2	200	bb_173x70.gif bba.winstonsmith.org/img/	2 KB 2 KB	36ms 36ms	Image image/gif	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bba.winstonsmith.org/img/bb_173x70.gif Requested by Host: bba.winstonsmith.org URL: https://bba.winstonsmith.org/hermes.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash 09d38f8e74439b1c20c8da889605a9d9d587330c6f074f36946d57bdb748fe28 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://bba.winstonsmith.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 08:33:32 GMT content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 1968 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Wed, 14 May 2008 16:03:03 GMT server nginx etag "482b0d37-7b0" x-download-options noopen x-frame-options sameorigin content-type image/gif cache-control max-age=86400 accept-ranges bytes expires Tue, 21 Feb 2023 08:33:32 GMT
GET H2	200	hermes-logo.png bba.winstonsmith.org/img/	12 KB 12 KB	40ms 40ms	Image image/png	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bba.winstonsmith.org/img/hermes-logo.png Requested by Host: bba.winstonsmith.org URL: https://bba.winstonsmith.org/hermes.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash e2d5a18cb9c6072b35a9aa002d0407b3f045bb1220b7979ae4e428c49566138e Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://bba.winstonsmith.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 08:33:32 GMT content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 12091 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Fri, 18 May 2018 23:17:12 GMT server nginx etag "5aff5ef8-2f3b" x-download-options noopen x-frame-options sameorigin content-type image/png cache-control max-age=86400 accept-ranges bytes expires Tue, 21 Feb 2023 08:33:32 GMT
GET H2	200	sfondo_nero.gif bba.winstonsmith.org/img/	836 B 1 KB	40ms 40ms	Image image/gif	95.216.25.71 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://bba.winstonsmith.org/img/sfondo_nero.gif Requested by Host: bba.winstonsmith.org URL: https://bba.winstonsmith.org/hermes.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 95.216.25.71 Helsinki, Finland, ASN24940 (HETZNER-AS, DE), Reverse DNS aaron.xed.it Software nginx / Resource Hash e2b059435fd7c27fbedc452824fc18b6f9a4af36d881e195390171eb6d324be6 Security Headers Name Value Content-Security-Policy default-src https: data: 'unsafe-inline' 'unsafe-eval' X-Content-Type-Options nosniff X-Frame-Options sameorigin X-Xss-Protection 1; mode=block Request headers accept-language fi-FI,fi;q=0.9 Referer https://bba.winstonsmith.org/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36 Response headers date Mon, 20 Feb 2023 08:33:32 GMT content-security-policy default-src https: data: 'unsafe-inline' 'unsafe-eval' x-content-type-options nosniff x-permitted-cross-domain-policies none content-length 836 x-xss-protection 1; mode=block referrer-policy strict-origin last-modified Wed, 14 May 2008 16:03:10 GMT server nginx etag "482b0d3e-344" x-download-options noopen x-frame-options sameorigin content-type image/gif cache-control max-age=86400 accept-ranges bytes expires Tue, 21 Feb 2023 08:33:32 GMT

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: 'unsafe-inline' 'unsafe-eval'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bba.winstonsmith.org
95.216.25.71
09d38f8e74439b1c20c8da889605a9d9d587330c6f074f36946d57bdb748fe28
b77107d0506217e6cc228693c4998dea43ebfca44c3744c25ce1be0c54222c2c
e2b059435fd7c27fbedc452824fc18b6f9a4af36d881e195390171eb6d324be6
e2d5a18cb9c6072b35a9aa002d0407b3f045bb1220b7979ae4e428c49566138e
ed1bf911dad567029ceb53dc05fd50db68d6e74ac311006299bca89b466ea257
fa43d562a91bedff22448e97d350d96ccedb455bc11b38aa9c778c7ec5cb2d62