Submitted URL: http://hedgehog.exposed/
Effective URL: https://hedgehog.exposed/
Submission: On June 29 via api from US — Scanned from DE

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 29 HTTP transactions. The main IP is 66.6.44.4, located in Ashburn, United States and belongs to AUTOMATTIC, US. The main domain is hedgehog.exposed.
TLS certificate: Issued by R3 on May 7th 2024. Valid for: 3 months.
This is the only time hedgehog.exposed was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 66.6.44.4 2635 (AUTOMATTIC)
11 192.0.77.40 2635 (AUTOMATTIC)
1 192.0.77.32 2635 (AUTOMATTIC)
4 199.232.192.193 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
4 2606:2800:234... 15133 (EDGECAST)
1 96.43.128.66 19969 (JOESDATAC...)
3 192.0.76.3 2635 (AUTOMATTIC)
1 104.244.42.8 13414 (TWITTER)
29 9
Apex Domain
Subdomains
Transfer
11 tumblr.com
assets.tumblr.com — Cisco Umbrella Rank: 30042
px.srvcs.tumblr.com — Cisco Umbrella Rank: 87342
www.tumblr.com — Cisco Umbrella Rank: 27208
163 KB
5 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1433
syndication.twitter.com — Cisco Umbrella Rank: 1678
31 KB
4 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7896
758 KB
4 wp.com
s0.wp.com — Cisco Umbrella Rank: 10041
pixel.wp.com — Cisco Umbrella Rank: 3684
3 KB
3 hedgehog.exposed
hedgehog.exposed
13 KB
1 cursors-4u.net
cur.cursors-4u.net — Cisco Umbrella Rank: 994658
4 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 71
21 KB
29 7
Domain Requested by
8 assets.tumblr.com hedgehog.exposed
assets.tumblr.com
4 platform.twitter.com hedgehog.exposed
platform.twitter.com
4 i.imgur.com hedgehog.exposed
3 pixel.wp.com hedgehog.exposed
3 hedgehog.exposed assets.tumblr.com
2 px.srvcs.tumblr.com hedgehog.exposed
1 syndication.twitter.com
1 www.tumblr.com assets.tumblr.com
1 cur.cursors-4u.net hedgehog.exposed
1 www.google-analytics.com hedgehog.exposed
1 s0.wp.com hedgehog.exposed
29 11
Subject Issuer Validity Valid
hedgehog.exposed
R3
2024-05-07 -
2024-08-05
3 months crt.sh
*.tumblr.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-15 -
2024-12-15
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
*.imgur.com
Sectigo RSA Domain Validation Secure Server CA
2024-02-15 -
2025-02-14
a year crt.sh
*.google-analytics.com
WR2
2024-06-13 -
2024-09-05
3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-28 -
2024-07-26
a year crt.sh
assets.txmblr.com
Sectigo RSA Domain Validation Secure Server CA
2024-05-02 -
2025-06-02
a year crt.sh
ani.cursors-4u.net
R3
2024-05-09 -
2024-08-07
3 months crt.sh
syndication.twitter.com
R3
2024-05-22 -
2024-08-20
3 months crt.sh

This page contains 7 frames:

Primary Page: https://hedgehog.exposed/
Frame ID: DFAE044610B0A0A3328EE701D36F1E0E
Requests: 22 HTTP requests in this frame

Frame: https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Frame ID: BEEA52F2622BD9D6A8D5A478CBD8BE7F
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Frame ID: 60E5592FAA059A9DCF9AF42CBED5B6BD
Requests: 1 HTTP requests in this frame

Frame: https://www.tumblr.com/dashboard/iframe/consent
Frame ID: 584916EA4AF6F84A0E049775F20D52DD
Requests: 1 HTTP requests in this frame

Frame: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Frame ID: 723853E2A31AD59F090914A80F610229
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fhedgehog.exposed
Frame ID: 76784F408787D0579ED787F09721B58E
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 354AA0CB85A09DDE716AE2B97B9D7186
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

HEDGEHOG EXPOSED 2015©

Page URL History Show full URLs

  1. http://hedgehog.exposed/ HTTP 307
    https://hedgehog.exposed/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js

Page Statistics

29
Requests

100 %
HTTPS

22 %
IPv6

7
Domains

11
Subdomains

9
IPs

2
Countries

993 kB
Transfer

2524 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hedgehog.exposed/ HTTP 307
    https://hedgehog.exposed/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
hedgehog.exposed/
Redirect Chain
  • http://hedgehog.exposed/
  • https://hedgehog.exposed/
30 KB
12 KB
Document
General
Full URL
https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.6.44.4 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a9f073d8408a7f5f90752932575e7fe397d81727a838f8a5667fd87ed6f5c0d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-encoding
br
content-length
10753
content-security-policy
upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 22:11:28 GMT
link
<https://64.media.tumblr.com/avatar_2ed04d474b47_128.pnj>; rel=icon
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
server
nginx
strict-transport-security
max-age=15552001
vary
X-UA-Device, Accept, Accept-Encoding
x-content-type-options
nosniff
x-rid
39f36ccf0a78b51e61de881e93fd302b
x-tumblr-pixel
2
x-tumblr-pixel-0
https://px.srvcs.tumblr.com/impixu?T=1719699088&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2hlZGdlaG9nLmV4cG9zZWQvIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=CEIGFJFPIB&K=ec0950615aaf13fd8e5a6869bc23f8bc623fc1968bf9fa67ce672847d673e6d6--https://px.srvcs.tumblr.com/impixu?T=1719699088&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9oZWRnZWhvZy5leHBvc2VkLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiIxMjYzMjk0NTU3NDAiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM30seyJwb3N0aWQiOiIxMjYzMjk0MDYx
x-tumblr-pixel-1
ODAiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM30seyJwb3N0aWQiOiIxMjAwNjcyNzAxNzUiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM31dfQ==&U=EFPGDBGOKN&K=14b50f6a43e5ba5a5217f59ba4276874d79d0f5504443ea605af124161e101d7
x-tumblr-user
hedgehogexposed
x-ua-compatible
IE=Edge,chrome=1
x-ua-device
desktop
x-xss-protection
1; mode=block

Redirect headers

Location
https://hedgehog.exposed/
Non-Authoritative-Reason
HttpsUpgrades
pre_tumblelog.js
assets.tumblr.com/assets/scripts/
3 KB
1 KB
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/pre_tumblelog.js?_v=b9f848c06fcba7eaf305d4a7cb7a1b98
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Sun, 01 Nov 2020 05:00:47 GMT
server
nginx
etag
W/"5f9e40ff-c3e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
index.build.css
assets.tumblr.com/client/prod/standalone/blog-network-npf/
9 KB
2 KB
Stylesheet
General
Full URL
https://assets.tumblr.com/client/prod/standalone/blog-network-npf/index.build.css?_v=f085dde138e244526309d4673db67b4c
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
8d1fdef1af08e6515d0d3dacf6bc4c598a22dd92653b4c8efd41c7408d48d8f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Wed, 05 Jul 2023 07:53:39 GMT
server
nginx
etag
W/"64a52183-245b"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
bilmur.min.js
s0.wp.com/wp-content/js/
6 KB
3 KB
Script
General
Full URL
https://s0.wp.com/wp-content/js/bilmur.min.js?m=202426
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
40cb25cf386062cf660429f20aa17b915e9537d688d55743758aff5e9525a38e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 2
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
x-ac
2.hhn _dfw MISS
last-modified
Thu, 13 Jun 2024 14:19:45 GMT
server
nginx
etag
W/"666b0001-1849"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Tue, 24 Jun 2025 00:00:00 GMT
tumblelog_post_message_queue.js
assets.tumblr.com/assets/scripts/
355 B
544 B
Script
General
Full URL
https://assets.tumblr.com/assets/scripts/tumblelog_post_message_queue.js?_v=a8fadfa499d8cb7c3f8eefdf0b1adfdd
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-163"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
stylesheet.css
assets.tumblr.com/fonts/gibson/
2 KB
869 B
Stylesheet
General
Full URL
https://assets.tumblr.com/fonts/gibson/stylesheet.css?v=3
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
etag
W/"5f8fc1db-97e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
kRBHvv8.png
i.imgur.com/
700 KB
700 KB
Image
General
Full URL
https://i.imgur.com/kRBHvv8.png
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
c0bd7cbabf01f5c377e76ed0e3fab11380ca67760a50796001da1b43c5723ec4
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
x-amz-cf-pop
MIA3-C5
age
2276592
x-cache
Miss from cloudfront, HIT, HIT
x-amz-storage-class
STANDARD_IA
content-length
716456
x-served-by
cache-iad-kjyo7100127-IAD, cache-fra-eddf8230054-FRA
last-modified
Sun, 02 Aug 2015 20:20:06 GMT
server
cat factory 1.0
x-timer
S1719699088.128432,VS0,VE1
etag
"b9ecc55a15958823bf27e7e0a8059a85"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Qd6U7TtlPal7S2iTRymveWItircE2qHJaN6Nfuu1ZEAkV6RX6Pj6ZQ==
x-cache-hits
24, 0
D7mnMf2.png
i.imgur.com/
3 KB
4 KB
Image
General
Full URL
https://i.imgur.com/D7mnMf2.png
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
0761eda0cb7e85c7e165eadc37551c9a5990d00330189fa4c978c012e02fa907
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2244463
x-amz-cf-pop
IAD12-P2
x-cache
Miss from cloudfront, HIT, HIT
content-length
3356
x-served-by
cache-iad-kiad7000087-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 20 Apr 2015 01:44:15 GMT
server
cat factory 1.0
x-timer
S1719699088.128432,VS0,VE1
etag
"a0903ad7f03c465725f51ac3011559d5"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HTxfl7PFHg8iFYEkLxKj1kpESS0sE2ULxG0QkAkTrnAhs3a1rDvF1A==
x-cache-hits
2, 0
PE88X0F.png
i.imgur.com/
9 KB
9 KB
Image
General
Full URL
https://i.imgur.com/PE88X0F.png
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
6b4d2703f69f340d2637b20d1ab571e15f6529e70d785ac7115f8a2b99c2fca0
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2015172
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront, HIT, HIT
content-length
9485
x-served-by
cache-iad-kjyo7100141-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 20 Apr 2015 01:44:12 GMT
server
cat factory 1.0
x-timer
S1719699088.137713,VS0,VE1
etag
"05bfe51803c488042729b76be1e81dd6"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
_SadShllhffpL7OumyRwL9_ftgbrEvG_F7iIiQCklY3JEFCudnOkag==
x-cache-hits
85, 0
W9upYQU.gif
i.imgur.com/
44 KB
44 KB
Image
General
Full URL
https://i.imgur.com/W9upYQU.gif
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
cdf4ad804be20bf513231c696680913fd5cde78a01870b7be9a3653f18844dc3
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
2524626
x-amz-cf-pop
IAD89-P1
x-cache
Miss from cloudfront, HIT, HIT
content-length
44839
x-served-by
cache-iad-kjyo7100152-IAD, cache-fra-eddf8230054-FRA
last-modified
Mon, 20 Apr 2015 02:09:21 GMT
server
cat factory 1.0
x-timer
S1719699088.139285,VS0,VE2
etag
"0c8310a7b2687d3a5f553829a913dfd1"
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
y_cXBB77sRMC66SEW0SbNGkqKE4kaexeMKO7P0Ig9e8reaoWhD-T9w==
x-cache-hits
9, 0
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/
779 KB
157 KB
Script
General
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4fb45ef8d349869d6f805c97c6e744770e9e94f42af201d308e3c3de904b6805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Fri, 21 Jun 2024 10:31:56 GMT
server
nginx
etag
W/"6675569c-c2d26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 29 Jun 2024 20:29:07 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6141
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 29 Jun 2024 22:29:07 GMT
widgets.js
platform.twitter.com/
91 KB
28 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7E) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 29 Jun 2024 22:11:28 GMT
Content-Encoding
gzip
Age
34
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (amb/6B7E)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
analytics.html
assets.tumblr.com/ Frame BEEA
0
0
Document
General
Full URL
https://assets.tumblr.com/analytics.html?_v=9f5febfd57a8a649c598d888f2d9e062
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hedgehog.exposed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000 immutable
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 29 Jun 2024 22:11:28 GMT
etag
W/"5f8fc1db-1664"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Wed, 21 Oct 2020 05:06:35 GMT
server
nginx
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
vary
Accept-Encoding
x-nc
HIT hhn 1
impixu
px.srvcs.tumblr.com/
95 B
441 B
Image
General
Full URL
https://px.srvcs.tumblr.com/impixu?T=1719699088&J=eyJ0eXBlIjoidXJsIiwidXJsIjoiaHR0cDovL2hlZGdlaG9nLmV4cG9zZWQvIiwicmVxdHlwZSI6MCwicm91dGUiOiIvIn0=&U=HCPHPEMAPB&K=0a66544594980c1929bd06b2fded5d961adf17d78c9a8a04f6e3aedb187fdd8e&R=
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=31536000; preload
server
nginx
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
95
impixu
px.srvcs.tumblr.com/
95 B
442 B
Image
General
Full URL
https://px.srvcs.tumblr.com/impixu?T=1719699088&J=eyJ0eXBlIjoicG9zdCIsInVybCI6Imh0dHA6Ly9oZWRnZWhvZy5leHBvc2VkLyIsInJlcXR5cGUiOjAsInJvdXRlIjoiLyIsInBvc3RzIjpbeyJwb3N0aWQiOiIxMjYzMjk0NTU3NDAiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM30seyJwb3N0aWQiOiIxMjYzMjk0MDYxODAiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM30seyJwb3N0aWQiOiIxMjAwNjcyNzAxNzUiLCJibG9naWQiOjIzMjUxOTM1Niwic291cmNlIjozM31dfQ==&U=BLGEDNFEPI&K=c0e85e9cf5206393852fd19be4105029107275bb467714d3e70bcd7ab5ccdb76&R=
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=31536000; preload
server
nginx
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
content-type
image/png
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
95
gam308.cur
cur.cursors-4u.net/games/gam-4/
4 KB
4 KB
Image
General
Full URL
https://cur.cursors-4u.net/games/gam-4/gam308.cur
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
96.43.128.66 , United States, ASN19969 (JOESDATACENTER, US),
Reverse DNS
Software
nginx/1.16.1 /
Resource Hash
c6fb0eaf823cba2295a1a5e9f8685ba2e6e7816bb8e5785b74fafa0fc6a2d269

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 29 Jun 2024 22:11:28 GMT
Last-Modified
Wed, 27 Feb 2013 17:58:12 GMT
Server
nginx/1.16.1
ETag
"512e4934-10be"
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4286
showads.js
hedgehog.exposed/assets/scripts/tumblr/dashboard/
0
283 B
Script
General
Full URL
https://hedgehog.exposed/assets/scripts/tumblr/dashboard/showads.js
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.6.44.4 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
public
date
Sat, 29 Jun 2024 22:11:28 GMT
last-modified
Sun, 24 Jul 2022 06:12:26 GMT
server
nginx
etag
"62dce2ca-0"
vary
X-UA-Device, Accept
content-type
application/javascript; charset=utf-8
x-ua-device
desktop
cache-control
max-age=315360000, public, must-revalidate, proxy-revalidate, immutable
accept-ranges
bytes
content-length
0
expires
Thu, 31 Dec 2037 23:55:55 GMT
login_check.html
assets.tumblr.com/assets/html/iframe/ Frame 60E5
0
0
Document
General
Full URL
https://assets.tumblr.com/assets/html/iframe/login_check.html?_v=3de94a184d600617102ddd5b48fb36e9
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload max-age=31536000; preload

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hedgehog.exposed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
max-age=315360000 immutable
content-encoding
br
content-type
text/html; charset=utf-8
date
Sat, 29 Jun 2024 22:11:28 GMT
etag
W/"63103f7a-270"
expires
Thu, 31 Dec 2037 23:55:55 GMT
last-modified
Thu, 01 Sep 2022 05:13:30 GMT
server
nginx
strict-transport-security
max-age=31536000; preload max-age=31536000; preload
timing-allow-origin
*
vary
Accept-Encoding
x-nc
HIT hhn 1
g.gif
pixel.wp.com/
50 B
178 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=7502795&_ts=1719699088414&ref=https%3A%2F%2Fhedgehog.exposed%2F
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 29 Jun 2024 22:11:28 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
consent
www.tumblr.com/dashboard/iframe/ Frame 5849
0
0
Document
General
Full URL
https://www.tumblr.com/dashboard/iframe/consent
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hedgehog.exposed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy-report-only
script-src 'self' https://assets.tumblr.com https://sb.scorecardresearch.com/beacon.js https://ssl.google-analytics.com/ga.js https://www.google-analytics.com/analytics.js https://fc.yahoo.com/sdarla/php/client.php https://s.yimg.com/rq/darla/ https://www.googletagservices.com/tag/js/gpt.js https://securepubads.g.doubleclick.net/gpt/ https://securepubads.g.doubleclick.net/gampad/ads https://pagead2.googlesyndication.com/pagead/osd.js https://www.google.com/recaptcha/api.js https://*.gemini.yahoo.com https://s.yimg.com/av/gemini/ga/gemini-iframe.js https://s.yimg.com/av/curveball/ 'unsafe-eval' 'nonce-bPKQWYxALo5w28WcizIqCzdFbk'; object-src 'none'; worker-src blob:; base-uri 'self'; report-uri https://www.tumblr.com/svc/cspreports;
content-type
text/html; charset=UTF-8
date
Sat, 29 Jun 2024 22:11:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="Tumblr's privacy policy is available here: https://www.tumblr.com/policy/en/privacy"
pragma
no-cache
referrer-policy
origin-when-cross-origin
server
nginx
strict-transport-security
max-age=31536000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-nc
BYPASS hhn 1
x-rid
30a04b0c191c8c5cd6ec9faf70df1678
x-robots-tag
noindex
x-ua-compatible
IE=Edge,chrome=1
x-xss-protection
1; mode=block
index.build.js
assets.tumblr.com/client/prod/standalone/tumblelog/ Frame 7238
779 KB
0
Script
General
Full URL
https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Requested by
Host: assets.tumblr.com
URL: https://assets.tumblr.com/client/prod/standalone/tumblelog/index.build.js?_v=03e800b27eff76cee863b8346f5e3e52
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.40 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
assets.tumblr.com
Software
nginx /
Resource Hash
4fb45ef8d349869d6f805c97c6e744770e9e94f42af201d308e3c3de904b6805
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload, max-age=31536000; preload

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-nc
HIT hhn 1
date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload, max-age=31536000; preload
last-modified
Fri, 21 Jun 2024 10:31:56 GMT
server
nginx
etag
W/"6675569c-c2d26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, immutable
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
g.gif
pixel.wp.com/ Frame 7238
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=tumblr&tid=3&rand=3204325&_ts=1719699088466&ref=https%3A%2F%2Fhedgehog.exposed%2F
Requested by
Host: hedgehog.exposed
URL: https://hedgehog.exposed/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 29 Jun 2024 22:11:28 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400
content-length
50
content-type
image/gif
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame 7678
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Fhedgehog.exposed
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BB9) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hedgehog.exposed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
8366880
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jun 2024 22:11:28 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BB9)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
favicon.ico
hedgehog.exposed/
4 KB
1 KB
Other
General
Full URL
https://hedgehog.exposed/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.6.44.4 Ashburn, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7b761e9d0be236b601c68fb2baa2c7dce7841abe45af48a6a66a46d8e186a1c1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 29 Jun 2024 22:11:28 GMT
content-encoding
br
server
nginx
etag
W/"5e8cc811-10fa"
vary
Accept-Encoding
content-type
text/html
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/
8 KB
3 KB
Script
General
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6B7E) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sat, 29 Jun 2024 22:11:28 GMT
Content-Encoding
gzip
Age
8366879
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (amb/6B7E)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 354A
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (amb/6BC7) /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://hedgehog.exposed/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
8366849
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Sat, 29 Jun 2024 22:11:28 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (amb/6BC7)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/
43 B
292 B
Image
General
Full URL
https://syndication.twitter.com/i/jot/embeds?dnt=1&l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fhedgehog.exposed%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_site_screen_name%22%3A%22tumblr%22%2C%22language%22%3A%22en%22%2C%22message%22%3A%22l%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1719699088764%2C%22dnt%22%3Atrue%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=52e2f430bb964c99c1d665f1c178aa2283a74c38
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.8 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-response-time
114
date
Sat, 29 Jun 2024 22:11:28 GMT
strict-transport-security
max-age=631138519
last-modified
Sat, 29 Jun 2024 22:11:28 GMT
server
tsa_f
vary
Origin
content-type
image/gif
x-transaction-id
5272ac9ea4763326
cache-control
must-revalidate, max-age=600
perf
7402827104
x-connection-hash
234365a027b7ad2f0310dcc43480bcd472def011d894a1c925e880005d13a42b
content-length
43
boom.gif
pixel.wp.com/
0
106 B
Image
General
Full URL
https://pixel.wp.com/boom.gif?bilmur=1&cumulative_layout_shift=0&largest_contentful_paint=551&batcache_hit=0&provider=tumblr.com&service=blognetwork&custom_properties=%7B%22theme%22%3A%22%22%7D&effective_connection_type=4g&rtt=0&downlink=10000&host_name=hedgehog.exposed&url_path=%2F&nt_fetchStart=0&nt_domainLookupStart=109&nt_domainLookupEnd=109&nt_connectStart=109&nt_connectEnd=303&nt_secureConnectionStart=201&nt_requestStart=303&nt_responseStart=466&nt_responseEnd=490&nt_domLoading=468&nt_domInteractive=849&nt_domContentLoadedEventStart=850&nt_domContentLoadedEventEnd=850&nt_domComplete=1023&nt_loadEventStart=1023&nt_loadEventEnd=1023&nt_redirectCount=0&nt_nextHopProtocol=h2&nt_api_level=2&start_render=553&first_contentful_paint=553&resource_size=825165&resource_transferred=169535&resource_cache_percent=0&js_size=807696&js_transferred=164862&js_cache_percent=0&blocking_size=15226&blocking_transferred=4938&blocking_cache_percent=0&last_resource_end=1308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://hedgehog.exposed/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Sat, 29 Jun 2024 22:11:30 GMT
cache-control
no-cache
server
nginx
alt-svc
h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 undefined| event object| fence object| sharedStorage boolean| __pbpa string| translated_warning_string string| GoogleAnalyticsObject function| ga object| Tumblr boolean| COMSCORE object| __twttrll object| twttr object| __twttr function| _ object| Backbone object| scrollMonitor object| google_tag_data object| gaplugins object| gaGlobal object| gaData

0 Cookies

1 Console Messages

Source Level URL
Text
network error URL: https://hedgehog.exposed/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests; default-src https: data:; script-src https: data: 'unsafe-inline' 'unsafe-eval'; style-src https: blob: 'unsafe-inline';
Strict-Transport-Security max-age=15552001
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.tumblr.com
cur.cursors-4u.net
hedgehog.exposed
i.imgur.com
pixel.wp.com
platform.twitter.com
px.srvcs.tumblr.com
s0.wp.com
syndication.twitter.com
www.google-analytics.com
www.tumblr.com
104.244.42.8
192.0.76.3
192.0.77.32
192.0.77.40
199.232.192.193
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:828::200e
66.6.44.4
96.43.128.66
0761eda0cb7e85c7e165eadc37551c9a5990d00330189fa4c978c012e02fa907
0c075ef6d8bd3985f8d49c9fcfeec241bb1a65f636d8cd786ea49f8f6f925ad2
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40cb25cf386062cf660429f20aa17b915e9537d688d55743758aff5e9525a38e
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
4fb45ef8d349869d6f805c97c6e744770e9e94f42af201d308e3c3de904b6805
6b4d2703f69f340d2637b20d1ab571e15f6529e70d785ac7115f8a2b99c2fca0
7b761e9d0be236b601c68fb2baa2c7dce7841abe45af48a6a66a46d8e186a1c1
8d1fdef1af08e6515d0d3dacf6bc4c598a22dd92653b4c8efd41c7408d48d8f6
a9f073d8408a7f5f90752932575e7fe397d81727a838f8a5667fd87ed6f5c0d1
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
c0bd7cbabf01f5c377e76ed0e3fab11380ca67760a50796001da1b43c5723ec4
c6fb0eaf823cba2295a1a5e9f8685ba2e6e7816bb8e5785b74fafa0fc6a2d269
cb9f274aca2fcd18d0ab90868d9e1ff24ea00201b7d2695ce454fc53526cae31
cdf4ad804be20bf513231c696680913fd5cde78a01870b7be9a3653f18844dc3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec4317b3c60e5c3f35d9a3662c416d84b0a62b6e11bee8aa70b49eb81937199b
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1