www.posthaven.com Open in urlscan Pro
2a09:8280:1::3:3273  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.posthaven.com/	12 KB 5 KB	353ms 207ms	Document text/html	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 2ec679a85857218b123d9c48e8dfe54e49b7edb5715da06c2fffa841320a7146 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers cache-control max-age=0, private, must-revalidate content-encoding zstd content-type text/html; charset=utf-8 date Mon, 08 Jul 2024 19:26:33 GMT etag "f2be38f769aa61b451a000f7d1e1e2ba" fly-request-id 01J29WZRZYWPGJGX58F20YWX71-ams server Fly/577378ac (2024-07-02) vary Origin via 2 fly.io x-request-id 6f1504931bb11cd93bfaa687ab20f85c x-runtime 0.019518 x-ua-compatible IE=Edge,chrome=1
GET H2	200	modernizr.foundation-07cdd846d9479141366fe100b09eb45c.js Show response www.posthaven.com/assets/foundation/	9 KB 4 KB	206ms 198ms	Script application/javascript	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/foundation/modernizr.foundation-07cdd846d9479141366fe100b09eb45c.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:33 GMT content-encoding zstd via 2 fly.io last-modified Sat, 20 Apr 2024 15:17:32 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZSC78ZTTCZZSAEPGZJYE-ams vary Origin content-type application/javascript fly-cache-status MISS
GET H2	200	website-df7b6f4a89c11e2a9fd44d78620470f2.css www.posthaven.com/assets/	229 KB 84 KB	205ms 198ms	Stylesheet text/css	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 3f52ff1a142ea2d3d20939e8f134029c1fa367c9253bb2058181c5c7721d5154 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:33 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZSC76Z2WYJS3V91XB78C-ams vary Origin content-type text/css fly-cache-status MISS
GET H2	200	tailwind-1e3320a3.css www.posthaven.com/stylesheets/	16 KB 5 KB	216ms 209ms	Stylesheet text/css	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/stylesheets/tailwind-1e3320a3.css Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash e550372711f2851bc3c06424f52b8bba4dbdcb978ffab8f02fd54038d810e2e0 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:33 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 14:42:16 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZSC75MCC27J0BGFCH2NX-ams vary Origin content-type text/css
GET H3	200	api.js Show response www.google.com/recaptcha/	1 KB 961 B	103ms 25ms	Script text/javascript	142.250.185.164 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.185.164 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f4.1e100.net Software GSE / Resource Hash df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT content-encoding gzip x-content-type-options nosniff content-security-policy frame-ancestors 'self' server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=utf-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block expires Mon, 08 Jul 2024 19:26:34 GMT
GET H2	200	application-7f939da767d3822241fa075b19e132b4.js Show response www.posthaven.com/assets/	1016 KB 282 KB	261ms 257ms	Script application/javascript	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/application-7f939da767d3822241fa075b19e132b4.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 31271cb8b88ceed55400922d4b48bd0fc9dab1d1bc15bddd25932df6f609df27 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:33 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZSC7K7Y4959ZB6F77Q96-ams etag W/"fe17f-66246ac5.0" content-type application/javascript cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes
GET H2	200	heap-1361953651.js Show response cdn.heapanalytics.com/js/	117 KB 37 KB	305ms 218ms	Script application/javascript	13.32.27.116 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.heapanalytics.com/js/heap-1361953651.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.27.116 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-27-116.fra56.r.cloudfront.net Software nginx / Express Resource Hash 4b0e715f56590ad3cd60aab8b5a137872cc7f241dba0242d9acee994e9967195 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT content-encoding br via 1.1 fdc45b521af7652438141328494a79d2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains server nginx x-amz-cf-pop FRA56-C2 x-powered-by Express etag W/"1d2af-g8c/UK5I4lTceFeUqvXQPn//BLo" vary Accept-Encoding x-cache Miss from cloudfront content-type application/javascript; charset=utf-8 cache-control public, max-age=120 alt-svc h3=":443"; ma=86400 x-amz-cf-id i126AYyp6ButuF5ixUNbbgfq9nv4n1_IcOui30PBvPWZm03zxD28Pg==
GET H2	200	array.js Show response app.posthog.com/static/	151 KB 53 KB	148ms 47ms	Script text/javascript	2606:4700:10::6816:3ab5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://app.posthog.com/static/array.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:3ab5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7387e7c7fb313b4dc35825617715bbf15c2377b444a5d8dc5db12a1cbcc34bd3 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT content-encoding gzip x-content-type-options nosniff cf-cache-status HIT age 40 x-envoy-upstream-service-time 34 referrer-policy same-origin last-modified Mon, 08 Jul 2024 18:48:35 GMT server cloudflare cross-origin-opener-policy same-origin x-frame-options SAMEORIGIN vary Cookie, Accept-Encoding content-type text/javascript; charset="utf-8" access-control-allow-origin * cache-control public, max-age=300 cf-ray 8a02777a5fce5d98-FRA
GET H2	200	analytics.min.js Show response cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/	103 KB 29 KB	134ms 44ms	Script text/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/analytics.min.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 3d7b1f2f7cec51641a17ff7435a1d773f1c1ef661f1c45dd7f77453b3642ba9f Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id _TTtRVCmpA9Ci.zY.rtTxumx1GQZyvkk content-encoding gzip via 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront) date Mon, 08 Jul 2024 19:26:06 GMT x-amz-cf-pop FRA6-C1 age 29 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 29 May 2024 00:11:57 GMT server AmazonS3 etag W/"e2d193ce5fe9b40bd4eaae7c0a895653" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type text/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=120 vary Accept-Encoding x-amz-cf-id -EY8QVMj2RNHjG721DsY7f1tHTAjOqtA_w7EoUji-VL430acJCcptQ==
GET H2	200	ga.js Show response ssl.google-analytics.com/	45 KB 17 KB	134ms 34ms	Script text/javascript	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ssl.google-analytics.com/ga.js Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 08 Jul 2024 18:51:36 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 2098 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17168 expires Mon, 08 Jul 2024 20:51:36 GMT
GET H2	200	CircularXXWeb-Bold.woff2 www.posthaven.com/assets/	72 KB 72 KB	218ms 217ms	Font font/woff2	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/CircularXXWeb-Bold.woff2 Requested by Host: www.posthaven.com URL: https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8 Request headers Referer https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Origin https://www.posthaven.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZT661G279NB67BDNWF4D-ams etag W/"1214b-66246ac5.0" content-type font/woff2 cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes content-length 74059
GET H2	200	CircularXXWeb-Medium.woff2 www.posthaven.com/assets/	69 KB 70 KB	219ms 218ms	Font font/woff2	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/CircularXXWeb-Medium.woff2 Requested by Host: www.posthaven.com URL: https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash 8fe6acb606204bb51fd9130bca281a23ad25aafaf98e912bca79323adbb14c67 Request headers Referer https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Origin https://www.posthaven.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZT669XTKRTWXAVJST64Q-ams etag W/"11587-66246ac5.0" content-type font/woff2 cache-control public, max-age=0, must-revalidate fly-cache-status HIT accept-ranges bytes content-length 71047
GET H2	200	feijoa-bold.woff2 www.posthaven.com/assets/	75 KB 75 KB	218ms 216ms	Font application/octet-stream	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/feijoa-bold.woff2 Requested by Host: www.posthaven.com URL: https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash d872c42e4a282d06b4c94f0f4991ce7c084aeb1ffcd6c29c3ab385ae84c5ec64 Request headers Referer https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Origin https://www.posthaven.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZT67Y56VBX2EATXPXNMP-ams vary Origin content-type text/plain fly-cache-status MISS
GET H2	200	CircularXXWeb-Book.woff2 www.posthaven.com/assets/	67 KB 67 KB	436ms 435ms	Font application/octet-stream	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/assets/CircularXXWeb-Book.woff2 Requested by Host: www.posthaven.com URL: https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash bd113ba94a91c48e4a0c56c0db06165aa5325052391a7ca70b45143e9e22d8d0 Request headers Referer https://www.posthaven.com/assets/website-df7b6f4a89c11e2a9fd44d78620470f2.css Origin https://www.posthaven.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:34 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 01:24:21 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZT67EDG8PDQS0S4MEKK3-ams vary Origin content-type text/plain fly-cache-status MISS
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/	536 KB 213 KB	252ms 49ms	Script text/javascript	2a00:1450:4001:802::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/rKbTvxTxwcw5VqzrtN-ICwWt/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.posthaven.com/ Origin https://www.posthaven.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 16:38:29 GMT content-encoding gzip x-content-type-options nosniff age 10086 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 217833 x-xss-protection 0 last-modified Sun, 23 Jun 2024 08:01:07 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 08 Jul 2025 16:38:29 GMT
GET H2	200	__utm.gif ssl.google-analytics.com/r/	35 B 197 B	138ms 44ms	Image image/gif	2a00:1450:4001:82a::2008 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=178301388&utmhn=www.posthaven.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=de-de&utmje=0&utmfl=-&utmdt=Posthaven%20is%20the%20safe%20place%20for%20all%20your%20posts%20forever&utmhid=569049664&utmr=-&utmp=%2F&utmht=1720466794899&utmac=UA-38525690-1&utmcc=__utma%3D143353780.1846505788.1720466795.1720466795.1720466795.1%3B%2B__utmz%3D143353780.1720466795.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1292578584&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 08 Jul 2024 19:26:34 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	settings Show response cdn.segment.com/v1/projects/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/	598 B 1 KB	217ms 40ms	Fetch application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/settings Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 16e1cc1a737e829e87bd99e35f77e6ad34c010a31aaa041c1b50285f7f572597 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers x-amz-version-id yAexo2kfWkkKkVR6YuyKksHUIsNBHYfi date Mon, 08 Jul 2024 17:46:58 GMT via 1.1 b0954612f115b3d0a0db0a669e45ae8e.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 5978 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 598 last-modified Sat, 11 Sep 2021 17:24:33 GMT server AmazonS3 etag "734fe83678a70ba4c38a7714f1e46ff6" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding accept-ranges bytes x-amz-cf-id 8b_hR3REFh-yC2ftoh-8IsRNZrxhTgyfNLZpUPG_qRk5r6SWxgm6ug==
POST H2	200	/ Show response us.i.posthog.com/decide/	501 B 674 B	548ms 60ms	XHR application/json	50.19.26.147 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://us.i.posthog.com/decide/?v=3&ip=1&_=1720466795000&ver=1.145.0&compression=base64 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.19.26.147 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-19-26-147.compute-1.amazonaws.com Software envoy / Resource Hash fe98dec78a531a404f8efedda04c8033bb436f6c7ef13f2610cd022564d9e39f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 08 Jul 2024 19:26:35 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin server envoy cross-origin-opener-policy same-origin vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.posthaven.com access-control-allow-credentials true x-envoy-upstream-service-time 8 access-control-allow-headers X-Requested-With,Content-Type
POST H2	200	/ Show response us.i.posthog.com/e/	13 B 414 B	506ms 58ms	XHR application/json	50.19.26.147 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://us.i.posthog.com/e/?ip=1&_=1720466795031&ver=1.145.0&compression=base64 Requested by Host: app.posthog.com URL: https://app.posthog.com/static/array.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 50.19.26.147 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-50-19-26-147.compute-1.amazonaws.com Software envoy / Resource Hash 7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers date Mon, 08 Jul 2024 19:26:35 GMT content-encoding gzip x-content-type-options nosniff referrer-policy same-origin server envoy cross-origin-opener-policy same-origin vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type application/json access-control-allow-origin https://www.posthaven.com access-control-allow-credentials true x-envoy-upstream-service-time 7 access-control-allow-headers X-Requested-With,Content-Type
GET H2	200	h heapanalytics.com/	37 B 261 B	503ms 124ms	Image image/gif	34.235.46.65 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://heapanalytics.com/h?a=1361953651&u=8288116489849535&v=7868445877393002&s=8571401220911522&b=web&tv=4.0&z=0&h=%2F&d=www.posthaven.com&t=Posthaven%20is%20the%20safe%20place%20for%20all%20your%20posts%20forever&ts=1720466795098&sch=1200&scw=1600&st=1720466795112 Requested by Host: www.posthaven.com URL: https://www.posthaven.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.235.46.65 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-46-65.compute-1.amazonaws.com Software nginx / Resource Hash bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Mon, 08 Jul 2024 19:26:35 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx etag W/"25-4iFqfptz9csCeTUceM5hwzR1zqc" content-type image/gif cache-control private, no-cache, no-cache=Set-Cookie, proxy-revalidate content-length 37
GET H2	200	ajs-destination.bundle.ed53a26b6edc80c65d73.js Show response cdn.segment.com/analytics-next/bundles/	9 KB 3 KB	38ms 27ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.ed53a26b6edc80c65d73.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 24 Jun 2024 20:17:52 GMT x-amz-version-id y1rPlIgvelxNE1YxH.dn4iIroP2Pnn0U content-encoding br via 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 1206523 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 24 Jun 2024 18:40:05 GMT server AmazonS3 etag W/"00e9c65cbba11c07c4bf4a6e2727b8ea" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id ivsd2fQqW-4OhW1tY9V0q6QlD1bDJhgotYTcQn_Eg3ehDRzu5BV9RA==
GET H2	200	schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Show response cdn.segment.com/analytics-next/bundles/	2 KB 1 KB	30ms 30ms	Script application/javascript	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.5c2661f67b4b71a6d9bd.js Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/analytics.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 24 Jun 2024 20:17:54 GMT x-amz-version-id fFM2.Q5O21tbOz6I0BWTT24IeUb4pa6L content-encoding br via 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront) x-amz-cf-pop FRA6-C1 age 1206522 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Mon, 24 Jun 2024 18:40:05 GMT server AmazonS3 etag W/"3867b2388b619ff7fddc29ef359fc9aa" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/javascript access-control-allow-origin * cache-control public,max-age=31536000,immutable vary Accept-Encoding x-amz-cf-id 5xgdGg46kmOR9sCJH181V7RbWwKpA9RCBCVA5Y0l2VM1rzs47nBMsg==
POST H2	200	p Show response api.segment.io/v1/	21 B 176 B	586ms 194ms	Fetch application/json	44.240.52.117 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.segment.io/v1/p Requested by Host: cdn.segment.com URL: https://cdn.segment.com/analytics.js/v1/UDvLNDGzpCXGawkcCxC6Iql9XZ9WrWGV/analytics.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-44-240-52-117.us-west-2.compute.amazonaws.com Software / Resource Hash 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers access-control-allow-origin https://www.posthaven.com date Mon, 08 Jul 2024 19:26:36 GMT strict-transport-security max-age=31536000 content-length 21 vary Origin content-type application/json
GET H2	200	favicon.ico www.posthaven.com/	15 KB 2 KB	197ms 196ms	Other image/vnd.microsoft.icon	2a09:8280:1::3:3273 FLY
General Check archive.org Show headers Download Go to Full URL https://www.posthaven.com/favicon.ico Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US), Reverse DNS Software Fly/577378ac (2024-07-02) / Resource Hash c3aecdda225f0a6e69c5e9a397c0137570c6f4a095fd2f9575c467b96d2e18ad Request headers Referer https://www.posthaven.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Mon, 08 Jul 2024 19:26:35 GMT content-encoding zstd via 2 fly.io last-modified Sun, 21 Apr 2024 14:42:16 GMT server Fly/577378ac (2024-07-02) fly-request-id 01J29WZV7ER6WJ32SN37KY1WFN-ams vary Origin content-type image/vnd.microsoft.icon

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| html5 object| Modernizr function| yepnope number| _heapid object| heap object| posthog object| analytics object| _gaq object| wysihtml5 function| Base function| mobiledocPrettyJSONRenderer object| cookiesEu function| $ function| jQuery function| _ object| Backbone object| Support function| HAML object| rangy function| loadImage function| dataURLtoBlob function| tmpl object| locale object| jstz object| Mobiledoc function| moment function| Cookies object| Posthaven object| PH object| JST object| jQuery1100002244572769767661 object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| _gat object| gaGlobal object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| recaptcha

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.posthaven.com/	1969-12-31 23:59:59	Name: _posthaven_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTgzOWU2YzFhYWVmNGIwNmI4MTQ2ZTJmMjAxMDM2MGUxBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMTA5ajFZN1RKNkNWMGp2UHNvei90YnJySHlGY3I2V0JGdTFidEFHdURFcG89BjsARg%3D%3D--79a36c2ea1b896f037a375a0eca6a0359b983cab
			.posthaven.com/	1970-01-21 07:30:26	Name: __utma Value: 143353780.1846505788.1720466795.1720466795.1720466795.1
			.posthaven.com/	1969-12-31 23:59:59	Name: __utmc Value: 143353780
			.posthaven.com/	1970-01-21 02:17:14	Name: __utmz Value: 143353780.1720466795.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
			.posthaven.com/	1970-01-20 21:54:27	Name: __utmt Value: 1
			.posthaven.com/	1970-01-20 21:54:28	Name: __utmb Value: 143353780.1.10.1720466795
			.posthaven.com/	1970-01-21 06:40:02	Name: ph_aRidU-zPpsGgatvzS5BZ4yq5z6Jvp-uMO3tTHc-TjD0_posthog Value: %7B%22distinct_id%22%3A%22019093cf-e9dd-7006-8900-4ce9018d4ab4%22%2C%22%24sesid%22%3A%5B1720466795029%2C%22019093cf-e9cf-770f-bcac-cba40094046c%22%2C1720466794959%5D%7D
			.posthaven.com/	1970-01-21 07:22:24	Name: _hp2_id.1361953651 Value: %7B%22userId%22%3A%228288116489849535%22%2C%22pageviewId%22%3A%227868445877393002%22%2C%22sessionId%22%3A%228571401220911522%22%2C%22identity%22%3Anull%2C%22trackerVersion%22%3A%224.0%22%7D
			.posthaven.com/	1970-01-20 21:54:28	Name: _hp2_ses_props.1361953651 Value: %7B%22ts%22%3A1720466795098%2C%22d%22%3A%22www.posthaven.com%22%2C%22h%22%3A%22%2F%22%7D
			.posthaven.com/	1970-01-21 06:40:02	Name: ajs_anonymous_id Value: 1d4d006f-8923-48f9-a16e-bb8b6c38ab22

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
app.posthog.com
cdn.heapanalytics.com
cdn.segment.com
heapanalytics.com
ssl.google-analytics.com
us.i.posthog.com
www.google.com
www.gstatic.com
www.posthaven.com
13.32.27.116
142.250.185.164
2606:4700:10::6816:3ab5
2a00:1450:4001:802::2003
2a00:1450:4001:82a::2008
2a09:8280:1::3:3273
34.235.46.65
44.240.52.117
50.19.26.147
99.86.8.175
0481cf978633d761686dd05ed060c86593d34768aa66d43d61c4f968cbe6b63d
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
129151ed0140041b198ce3b364a11861a3b5baa5bb60475ebf7bedb9b0fc94d6
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
16e1cc1a737e829e87bd99e35f77e6ad34c010a31aaa041c1b50285f7f572597
2ec679a85857218b123d9c48e8dfe54e49b7edb5715da06c2fffa841320a7146
31271cb8b88ceed55400922d4b48bd0fc9dab1d1bc15bddd25932df6f609df27
31892c21ae4fb908a875bbe29dbf0df74c2e84171cfbcac23540f3ad8222a35a
3d7b1f2f7cec51641a17ff7435a1d773f1c1ef661f1c45dd7f77453b3642ba9f
3f52ff1a142ea2d3d20939e8f134029c1fa367c9253bb2058181c5c7721d5154
4b0e715f56590ad3cd60aab8b5a137872cc7f241dba0242d9acee994e9967195
5f1f197aa35c0d654f8fd2cf7f0993476e8f324f5dea63ccae9a4804bf905d6c
7387021408574afb13687c47d583f43c70cf9511d5dfd772be64f8ec975895a8
7387e7c7fb313b4dc35825617715bbf15c2377b444a5d8dc5db12a1cbcc34bd3
7d4afed20a912db310862a5294bcf8fb6269c76a292908ddc1fbd496456eff56
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8fe6acb606204bb51fd9130bca281a23ad25aafaf98e912bca79323adbb14c67
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd113ba94a91c48e4a0c56c0db06165aa5325052391a7ca70b45143e9e22d8d0
c3aecdda225f0a6e69c5e9a397c0137570c6f4a095fd2f9575c467b96d2e18ad
d872c42e4a282d06b4c94f0f4991ce7c084aeb1ffcd6c29c3ab385ae84c5ec64
df85e001ce72e46c578531cf3ea8bbb0712a4af63abc112d9d633e474c05965f
e550372711f2851bc3c06424f52b8bba4dbdcb978ffab8f02fd54038d810e2e0
fe98dec78a531a404f8efedda04c8033bb436f6c7ef13f2610cd022564d9e39f