blog.ethansafar.com Open in urlscan Pro
2a09:8280:1::3:3273 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://blog.ethansafar.com/
Submission: On October 22 via api (October 22nd 2024, 12:39:41 pm UTC) from US — Scanned from GB

Summary HTTP 19 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 8 domains to perform 19 HTTP transactions. The main IP is 2a09:8280:1::3:3273, located in United States and belongs to FLY, US. The main domain is blog.ethansafar.com.
TLS certificate: Issued by E6 on October 20th 2024. Valid for: 3 months.

This is the only time blog.ethansafar.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a09:8280:1::... 2a09:8280:1::3:3273	40509 (FLY) (FLY)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	52.217.94.4 52.217.94.4	16509 (AMAZON-02) (AMAZON-02)
1	3.5.30.157 3.5.30.157	14618 (AMAZON-AES) (AMAZON-AES)
1	199.232.188.157 199.232.188.157	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
19	7

4 2a09:8280:1::3:3273 (United States)

ASN40509 (FLY, US)

blog.ethansafar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.217.94.4 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

phthemes.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.30.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: s3-1-w.amazonaws.com

phaven-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.188.157 (Munich, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	gstatic.com fonts.gstatic.com
5	amazonaws.com phthemes.s3.amazonaws.com phaven-prod.s3.amazonaws.com	42 KB
4	ethansafar.com blog.ethansafar.com	133 KB
1	twitter.com platform.twitter.com — Cisco Umbrella Rank: 1472
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
0	posthaven.com Failed posthaven.com Failed
0	google-analytics.com Failed ssl.google-analytics.com Failed
0	facebook.net Failed connect.facebook.net Failed
19	8

	Domain	Requested by
5	fonts.gstatic.com	fonts.googleapis.com
4	phthemes.s3.amazonaws.com	blog.ethansafar.com phthemes.s3.amazonaws.com
4	blog.ethansafar.com	blog.ethansafar.com
1	platform.twitter.com	blog.ethansafar.com
1	phaven-prod.s3.amazonaws.com	blog.ethansafar.com
1	fonts.googleapis.com	blog.ethansafar.com
0	posthaven.com Failed	blog.ethansafar.com
0	ssl.google-analytics.com Failed	blog.ethansafar.com
0	connect.facebook.net Failed	blog.ethansafar.com
19	9

This site contains links to these domains. Also see Links.

Domain
posthaven.com
twitter.com

Subject Issuer	Validity	Valid
blog.ethansafar.com E6	`2024-10-20` - `2025-01-18`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2024-04-22` - `2025-04-07`	a year	crt.sh
*.twimg.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-24` - `2025-07-25`	a year	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://blog.ethansafar.com/
Frame ID: FF04CC8F4E833074521773CA6CE5A2D9
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ethan Safar

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

19
Requests

84 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

176 kB
Transfer

658 kB
Size

1
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://posthaven.com/dashboard#sites/17949
Title: Manage

Search URL Search Domain Scan URL

URL: https://posthaven.com/dashboard#sites/17949/posts/new
Title: New Post

Search URL Search Domain Scan URL

URL: https://posthaven.com/users/sign_in?return_host=blog.ethansafar.com
Title: Login

Search URL Search Domain Scan URL

URL: https://posthaven.com/

Search URL Search Domain Scan URL

URL: https://twitter.com/share
Title: Tweet

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
blog.ethansafar.com/ 15 KB
6 KB 514ms
210ms Document
text/html 2a09:8280:1::3:3273
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ethansafar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/9b9e2ecb (2024-10-21) /
Resource Hash: f8ca88443f29caf963e913ecd99bb7535eec5c74192fae4b87229553a116a110

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: max-age=0, private, must-revalidate
content-encoding: zstd
content-type: text/html; charset=utf-8
date: Tue, 22 Oct 2024 12:39:04 GMT
etag: "5247023c14b180bf6f5f15b3a4307635"
fly-request-id: 01JAT3SVW8P1T0VTDVZV067DQ7-lhr
server: Fly/9b9e2ecb (2024-10-21)
vary: Origin
via: 2 fly.io
x-request-id: f79f76b90143194d04b4f1edae327fe9
x-runtime: 0.027294
x-ua-compatible: IE=Edge,chrome=1

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 919ms
154ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Requested by

Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3fab9eba52cd53a3e652c26daa540d2cf3f700f0d3289480dc2ed7757537b096

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 12:39:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 12:39:06 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 12:39:06 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H/1.1 200
OK blog.css
phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/ 35 KB
35 KB 1207ms
161ms Stylesheet
text/css 52.217.94.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.94.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b93465d3fc129e70c76ffb3ef318a203067c98d5436b6787f9eb9a1545e33d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

Cache-Control: max-age=315576000
ETag: "1a55cdbb31acf46778066aab124a314e"
x-amz-request-id: P8RYZYY1XBMS187J
Accept-Ranges: bytes
Content-Length: 35553
Date: Tue, 22 Oct 2024 12:39:07 GMT
Last-Modified: Fri, 10 Jul 2020 08:53:35 GMT
Content-Type: text/css
Server: AmazonS3
x-amz-id-2: XoKJEzz+1xM4dpLqagO1yZid2DYmhbNhR46k5nWjYvIAPE8Csy8EPSP/GLCGU7ykXy1h8lXjM/g=

GET
H2 200 blog-internal-ebf9cc379e51c299993a0f443d1fee65.css
blog.ethansafar.com/assets/ 13 KB
3 KB 219ms
184ms Stylesheet
text/css 2a09:8280:1::3:3273
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ethansafar.com/assets/blog-internal-ebf9cc379e51c299993a0f443d1fee65.css
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/9b9e2ecb (2024-10-21) /
Resource Hash: f1aef69912f71599a6bb9fc89c0e9d23aaeb9c2949f29e995ac00463169fcbf2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: zstd
etag: W/"325d-66246ac5.0"
via: 2 fly.io
accept-ranges: bytes
date: Tue, 22 Oct 2024 12:39:05 GMT
last-modified: Sun, 21 Apr 2024 01:24:21 GMT
content-type: text/css
server: Fly/9b9e2ecb (2024-10-21)
fly-request-id: 01JAT3SW71116M8GQ4Q0T6EAFZ-lhr
fly-cache-status: HIT

GET
H/1.1 200
OK medium_4830b293fa5bde1d0cc1c4e0755e5b0095aa09aaa5e08d1b6bf0d3fe188e41c9.png
phaven-prod.s3.amazonaws.com/files/image_part/asset/3241416/0CXXfpy6ILZQnuT9UXIix47nqjw/ 181 KB
0 1266ms
221ms Image
image/png 3.5.30.157
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phaven-prod.s3.amazonaws.com/files/image_part/asset/3241416/0CXXfpy6ILZQnuT9UXIix47nqjw/medium_4830b293fa5bde1d0cc1c4e0755e5b0095aa09aaa5e08d1b6bf0d3fe188e41c9.png
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.30.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

x-amz-id-2: TP3elKiMOTLySqFt40TeSjZjqPNBUHz4XrWTfM7c3m4GBY00Vvxty5+MKZ1tT+MKSgjYmgALrlz3aK3bUGpDqFhWiSsrB14M
Cache-Control: max-age=315576000
ETag: "41367e3118c5851bec5b1f81faabfd92"
x-amz-version-id: oqtFGxUqzWFoy6Zpq2ALsSPUqVVwGAZe
x-amz-request-id: P8RX1PZM2CS9DRQ8
Accept-Ranges: bytes
Content-Length: 980022
Date: Tue, 22 Oct 2024 12:39:07 GMT
Last-Modified: Sun, 20 Oct 2024 21:26:30 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 widgets.js
platform.twitter.com/ 33 KB
0 945ms
119ms Script
application/javascript 199.232.188.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.188.157 Munich, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

content-encoding: gzip
etag: "824beb891744db98ccbd3a456e59e0f7+gzip"
access-control-allow-methods: GET
x-cache: HIT, HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
date: Tue, 22 Oct 2024 12:39:07 GMT
last-modified: Mon, 11 Dec 2023 17:20:28 GMT
vary: Accept-Encoding
x-served-by: cache-iad-kcgs7200137-IAD, cache-muc13920-MUC
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=1800
tw-cdn: FT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27597
x-amz-server-side-encryption: AES256

GET
H2 200 blog-56896baaa1bed614a7389ca92efb3991.js Show response
blog.ethansafar.com/assets/ 372 KB
123 KB 143ms
114ms Script
application/javascript 2a09:8280:1::3:3273
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ethansafar.com/assets/blog-56896baaa1bed614a7389ca92efb3991.js
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/9b9e2ecb (2024-10-21) /
Resource Hash: de7796072b83d47fce7ad639ef77ac2a750cd7f4dbb038677559235635a6ff9d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://blog.ethansafar.com/

Response headers

cache-control: public, max-age=0, must-revalidate
content-encoding: zstd
etag: W/"5d012-66246ac5.0"
via: 2 fly.io
accept-ranges: bytes
date: Tue, 22 Oct 2024 12:39:05 GMT
last-modified: Sun, 21 Apr 2024 01:24:21 GMT
content-type: application/javascript
server: Fly/9b9e2ecb (2024-10-21)
fly-request-id: 01JAT3SW714RQ55AVJR22HNR9F-lhr
fly-cache-status: HIT

GET sdk.js
connect.facebook.net/en_US/ 0
0

GET
H/1.1 200
OK posthaven-tab-1x.png
phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/ 2 KB
2 KB 355ms
355ms Image
image/png 52.217.94.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/posthaven-tab-1x.png
Requested by: Host: phthemes.s3.amazonaws.com
URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.94.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 27ce16190f5e1d36a54c12e8f64b3f166408d2c647a4c2bd56aa62da82753f45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214

Response headers

Cache-Control: max-age=315576000
ETag: "9527c6f041742b3dc18b2c249b3a693f"
x-amz-request-id: VQR9F6PMMWY8ECTJ
Accept-Ranges: bytes
Content-Length: 1916
Date: Tue, 22 Oct 2024 12:39:08 GMT
Last-Modified: Tue, 10 Dec 2019 16:01:16 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: pc1lBp8TujuxOeZUOcXrwwmClNQhMfqj+Ke2yIGvdQr5Hvo9NfzYrcAwY+exJ5df5fV4dZys3M4=

GET
H/1.1 200
OK search.png
phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/ 3 KB
3 KB 906ms
508ms Image
image/png 52.217.94.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/search.png
Requested by: Host: phthemes.s3.amazonaws.com
URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.217.94.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1b0ad54756d56c32a08b0b47e4351dbfc48e7382a948189268e5bfd26c9554e6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214

Response headers

Cache-Control: max-age=315576000
ETag: "d4edd6f1da43ec1d10255ef5edd311b4"
x-amz-request-id: VQR5JTFGZA6PCTQV
Accept-Ranges: bytes
Content-Length: 2847
Date: Tue, 22 Oct 2024 12:39:08 GMT
Last-Modified: Tue, 10 Dec 2019 16:01:15 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: s9UFHGJoUoQkZTOtEo/M1wc6kns81twD/NaistKOUEQ2a3woM2mnlFd8RASW3NyDRV02b4kgsys=

GET
H3 200 2sDfZG1Wl4LcnbuKjk0m.woff2
fonts.gstatic.com/s/oxygen/v15/ 0
0 20882ms
20236ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDfZG1Wl4LcnbuKjk0m.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://blog.ethansafar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 39380
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 01:42:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 01:42:47 GMT
last-modified: Mon, 09 May 2022 18:31:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16348
x-xss-protection: 0
server: sffe

GET
H/1.1 200
OK feed14.png
phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/ 689 B
1 KB 889ms
513ms Image
image/png 52.217.94.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/images/feed14.png
Requested by: Host: phthemes.s3.amazonaws.com
URL: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214
Protocol: HTTP/1.1
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 52.217.94.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://phthemes.s3.amazonaws.com/1/lpmGCkGbHyh0vsId/blog.css?v=1594371214

Response headers

Cache-Control: max-age=315576000
ETag: "2168a573d0d45bd2f9a89b8236453d61"
x-amz-request-id: VQRB9VM68AFXRHDM
Accept-Ranges: bytes
Content-Length: 689
Date: Tue, 22 Oct 2024 12:39:08 GMT
Last-Modified: Tue, 10 Dec 2019 16:01:15 GMT
Content-Type: image/png
Server: AmazonS3
x-amz-id-2: 7vO1VdwVbKqxqlOYftI9OoDFU8uXTqEStWY3PfCUHd3b4+BDFDBwDgd/eQHo4inQ/pOgAK7x3zs=

GET
H3 200 wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2
fonts.gstatic.com/s/crimsontext/v19/ 0
0 20878ms
20232ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v19/wlp2gwHKFkZgtmSR3NB0oRJfbwhT.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://blog.ethansafar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 58139
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 20:30:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 20:30:08 GMT
last-modified: Tue, 24 May 2022 18:26:18 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 25184
x-xss-protection: 0
server: sffe

GET
H3 200 wlpogwHKFkZgtmSR3NB0oRJfajhRK_Y.woff2
fonts.gstatic.com/s/crimsontext/v19/ 0
0 20879ms
20234ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/crimsontext/v19/wlpogwHKFkZgtmSR3NB0oRJfajhRK_Y.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://blog.ethansafar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 550124
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:50:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:50:23 GMT
last-modified: Tue, 24 May 2022 18:28:35 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26052
x-xss-protection: 0
server: sffe

GET
H3 200 2sDcZG1Wl4LcnbuCNWgzaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 0
0 20875ms
20233ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCNWgzaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://blog.ethansafar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 52289
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 21 Oct 2025 22:07:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 21 Oct 2024 22:07:38 GMT
last-modified: Mon, 09 May 2022 18:30:51 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16172
x-xss-protection: 0
server: sffe

GET
H3 200 2sDcZG1Wl4LcnbuCJW8zaGW5.woff2
fonts.gstatic.com/s/oxygen/v15/ 0
0 20862ms
20222ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oxygen/v15/2sDcZG1Wl4LcnbuCJW8zaGW5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oxygen:400,700,300|Crimson+Text:400,400italic&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://blog.ethansafar.com
Referer: https://fonts.googleapis.com/

Response headers

age: 550959
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 03:36:28 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 03:36:28 GMT
last-modified: Mon, 09 May 2022 18:30:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 15792
x-xss-protection: 0
server: sffe

GET
H2 200 cs.json Show response
blog.ethansafar.com/posthaven/ 115 B
531 B 407ms
407ms XHR
application/json 2a09:8280:1::3:3273
FLY

General

Check archive.org

Show headers Download Go to

Full URL: https://blog.ethansafar.com/posthaven/cs.json?pids=2146779&counter=site-17949
Requested by: Host: blog.ethansafar.com
URL: https://blog.ethansafar.com/assets/blog-56896baaa1bed614a7389ca92efb3991.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a09:8280:1::3:3273 , United States, ASN40509 (FLY, US),
Reverse DNS
Software: Fly/9b9e2ecb (2024-10-21) /
Resource Hash: 7bcbebeacfe3c359cdebb58ae3fe14c6dafccd16bc65a9a682f0954d219f02ee

Request headers

Referer: https://blog.ethansafar.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: */*

Response headers

fly-request-id: 01JAT3SXVHHHZP76RG8T926RBF-lhr
x-request-id: c3198d66c57a45b4d79d17fdf90a76df
cache-control: max-age=0, private, must-revalidate
content-encoding: zstd
etag: "b9ddbe672981f19aa9e6e601d9c19995"
via: 2 fly.io
x-ua-compatible: IE=Edge,chrome=1
date: Tue, 22 Oct 2024 12:39:06 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.013488
server: Fly/9b9e2ecb (2024-10-21)

GET ga.js
ssl.google-analytics.com/ 0
0

GET check.js
posthaven.com/xd/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Domain: ssl.google-analytics.com
URL: https://ssl.google-analytics.com/ga.js

Domain: posthaven.com
URL: https://posthaven.com/xd/check.js?hostname=blog.ethansafar.com&_=1729600747007

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Posthaven function| fbAsyncInit function| jQuery object| _gaq

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.ethansafar.com/	1969-12-31 23:59:59	Name: _posthaven_session Value: BAh7B0kiD3Nlc3Npb25faWQGOgZFVEkiJTMyMzRhNTA3YzljNDgzOTE4ZjUwMzkxODAwZTEyZGI2BjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUpBMWhNQ1RYbWIrOXlJSWpjUUdnWmJNN1FvTVFRa0FuNDRVS0NLRjlQaTQ9BjsARg%3D%3D--d77665975ff4c8155183d9ee29b7d756baf2e10e

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blog.ethansafar.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
phaven-prod.s3.amazonaws.com
phthemes.s3.amazonaws.com
platform.twitter.com
posthaven.com
ssl.google-analytics.com
connect.facebook.net
posthaven.com
ssl.google-analytics.com
199.232.188.157
2a00:1450:4001:803::200a
2a00:1450:4001:80e::2003
2a09:8280:1::3:3273
3.5.30.157
52.217.94.4
1b0ad54756d56c32a08b0b47e4351dbfc48e7382a948189268e5bfd26c9554e6
1b93465d3fc129e70c76ffb3ef318a203067c98d5436b6787f9eb9a1545e33d1
27ce16190f5e1d36a54c12e8f64b3f166408d2c647a4c2bd56aa62da82753f45
3fab9eba52cd53a3e652c26daa540d2cf3f700f0d3289480dc2ed7757537b096
7bcbebeacfe3c359cdebb58ae3fe14c6dafccd16bc65a9a682f0954d219f02ee
8ee173565b2e771fecf3b471a79bdf072aaa1bd9dc27582cfda2b2a322beeba8
de7796072b83d47fce7ad639ef77ac2a750cd7f4dbb038677559235635a6ff9d
f1aef69912f71599a6bb9fc89c0e9d23aaeb9c2949f29e995ac00463169fcbf2
f8ca88443f29caf963e913ecd99bb7535eec5c74192fae4b87229553a116a110

blog.ethansafar.com Open in urlscan Pro 2a09:8280:1::3:3273 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

19 Requests

84 %HTTPS

50 %IPv6

8 Domains

9 Subdomains

7 IPs

2 Countries

176 kBTransfer

658 kBSize

1 Cookies

5 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

1 Cookies

Indicators

blog.ethansafar.com Open in urlscan Pro
2a09:8280:1::3:3273 Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

84 %
HTTPS

50 %
IPv6

8
Domains

9
Subdomains

7
IPs

2
Countries

176 kB
Transfer

658 kB
Size

1
Cookies

19 HTTP transactions
0 data transactions