URL: http://ffindemich.com/h42Wb6Lt
Submission: On August 30 via manual from SV

Summary

This website contacted 12 IPs in 7 countries across 11 domains to perform 26 HTTP transactions. The main IP is 45.81.225.43, located in Netherlands and belongs to ON-LINE-DATA Server location - Netherlands, Dronten, NL. The main domain is ffindemich.com.
This is the only time ffindemich.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
8 teletype.in ffindemich.com
teletype.in
4 mc.yandex.ru 1 redirects ffindemich.com
4 connect.facebook.net ffindemich.com
teletype.in
connect.facebook.net
2 platform.twitter.com teletype.in
platform.twitter.com
2 apis.google.com teletype.in
apis.google.com
2 www.google-analytics.com 1 redirects www.googletagmanager.com
1 accounts.google.com apis.google.com
1 www.facebook.com connect.facebook.net
1 stats.g.doubleclick.net ffindemich.com
1 cdn.onesignal.com teletype.in
1 www.googletagmanager.com ffindemich.com
1 ffindemich.com
26 12

This site contains links to these domains. Also see Links.

Domain
teletype.in
Subject Issuer Validity Valid
teletype.in
Let's Encrypt Authority X3
2020-07-28 -
2020-10-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2020-07-21 -
2020-10-12
3 months crt.sh
mc.yandex.ru
Yandex CA
2019-09-23 -
2020-09-22
a year crt.sh
*.apis.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.twimg.com
DigiCert SHA2 High Assurance Server CA
2019-11-12 -
2020-11-18
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-08-04 -
2021-08-04
a year crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
*.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh
accounts.google.com
GTS CA 1O1
2020-08-11 -
2020-11-03
3 months crt.sh

This page contains 3 frames:

Primary Page: http://ffindemich.com/h42Wb6Lt
Frame ID: 01CCE6D90481D4CCC675A49F4278B2C0
Requests: 24 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=http%3A%2F%2Fffindemich.com
Frame ID: 393CFDF1C65D638445D4BA006BE089DD
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 6DBF95DC7CC5768776CF27A1ED54E38C
Requests: 1 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

26
Requests

96 %
HTTPS

85 %
IPv6

11
Domains

12
Subdomains

12
IPs

7
Countries

1076 kB
Transfer

3123 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=577611252&t=pageview&_s=1&dl=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&ul=en-us&de=UTF-8&dt=Teletype&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=833389972&gjid=722428785&cid=229412917.1598806937&tid=UA-91913048-1&_gid=1439321148.1598806937&_r=1&gtm=2ou8j2&z=1819035384 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91913048-1&cid=229412917.1598806937&jid=833389972&_gid=1439321148.1598806937&gjid=722428785&_v=j83&z=1819035384
Request Chain 18
  • https://mc.yandex.ru/watch/42100904?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830190216%3Aet%3A1598806937%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1576530294904%3Arqn%3A1%3Arn%3A771793020%3Ahid%3A102283031%3Ads%3A0%2C29%2C224%2C3%2C0%2C0%2C0%2C246%2C0%2C%2C%2C%2C666%3Afp%3A575%3Awn%3A43898%3Ahl%3A2%3Agdpr%3A14%3Av%3A1928%3Awv%3A2%3Arqnl%3A1%3Ast%3A1598806937%3Au%3A1598806937799931273%3At%3ATeletype HTTP 302
  • https://mc.yandex.ru/watch/42100904/1?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830190216%3Aet%3A1598806937%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1576530294904%3Arqn%3A1%3Arn%3A771793020%3Ahid%3A102283031%3Ads%3A0%2C29%2C224%2C3%2C0%2C0%2C0%2C246%2C0%2C%2C%2C%2C666%3Afp%3A575%3Awn%3A43898%3Ahl%3A2%3Agdpr%3A14%3Av%3A1928%3Awv%3A2%3Arqnl%3A1%3Ast%3A1598806937%3Au%3A1598806937799931273%3At%3ATeletype

26 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set h42Wb6Lt
ffindemich.com/
13 KB
5 KB
Document
General
Full URL
http://ffindemich.com/h42Wb6Lt
Protocol
HTTP/1.1
Server
45.81.225.43 , Netherlands, ASN204601 (ON-LINE-DATA Server location - Netherlands, Dronten, NL),
Reverse DNS
vm999166.had.pm
Software
nginx /
Resource Hash
4896f60ab77a3b1611def7835777dab61815c7e1d0c2d4ce02619a95876d0f23
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
ffindemich.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx
Date
Sun, 30 Aug 2020 17:02:16 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires
0
Last-Modified
Sun, 30 Aug 2020 17:02:15 GMT
Pragma
no-cache
Set-Cookie
_subid=3pca89rpl2ch7t;Expires=Wednesday, 30-Sep-2020 17:02:15 GMT;Max-Age=2678400;Path=/ 44d2d=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI4M1wiOjE1OTg4MDY5MzV9LFwiY2FtcGFpZ25zXCI6e1wiMTM5XCI6MTU5ODgwNjkzNX0sXCJ0aW1lXCI6MTU5ODgwNjkzNX0ifQ.ZWibVPxSxLWi2xmbJdTltAnqaHKlRs94jaHkdV6oq2A;Expires=Wednesday, 30-Sep-2020 17:02:16 GMT;Max-Age=2678400;Path=/
X-Content-Type-Options
nosniff
Content-Encoding
gzip
vendors~main.0a9e37269530d52fcff7.bundle.js
teletype.in/static/
530 KB
171 KB
Script
General
Full URL
https://teletype.in/static/vendors~main.0a9e37269530d52fcff7.bundle.js
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
12128a7962324a8aafc543f78bf344ace1d79985369e931745cb87609421484e

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
W/"5f3a81ff-848d9"
status
200
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
service-worker-allowed
/
expires
Mon, 31 Aug 2020 13:28:06 GMT
main.0a9e37269530d52fcff7.css
teletype.in/static/
213 KB
28 KB
Stylesheet
General
Full URL
https://teletype.in/static/main.0a9e37269530d52fcff7.css
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
77051dc143f431451c9e356fd64c3f2907f55a85cd1ed4e76954f66623bf0d0d

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
W/"5f3a81ff-355db"
status
200
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
service-worker-allowed
/
expires
Mon, 31 Aug 2020 13:28:06 GMT
main.0a9e37269530d52fcff7.js
teletype.in/static/
437 KB
100 KB
Script
General
Full URL
https://teletype.in/static/main.0a9e37269530d52fcff7.js
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
43faf91e264eebd35683ef882dedf752aeef4ee3e830ae7e5483e0baaed339b7

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
W/"5f3a81ff-6d590"
status
200
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
service-worker-allowed
/
expires
Mon, 31 Aug 2020 13:28:06 GMT
js
www.googletagmanager.com/gtag/
89 KB
35 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91913048-1
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
696fa95a5ece545232e0ae61b56ba23b3bd5c17b3a36df8f768326692c682f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35831
x-xss-protection
0
last-modified
Sun, 30 Aug 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 30 Aug 2020 17:02:16 GMT
fbevents.js
connect.facebook.net/en_US/
134 KB
34 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34269
x-xss-protection
0
pragma
public
x-fb-debug
b9SrbgqJqYR6G1H8dkbcudAXyrD0eRy94yS53LGu+XHKz/MJkeAnnbiFbtwzn67VZLsJR5QgIDj2ZV27YtZ4cQ==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Sun, 30 Aug 2020 17:02:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
tag.js
mc.yandex.ru/metrika/
366 KB
93 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
4d796be11bec249b91f041f8caaf455bd84b60aed6fcb6be1472a638f2a5dc1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 17:02:16 GMT
Content-Encoding
br
Last-Modified
Wed, 26 Aug 2020 09:15:52 GMT
Server
nginx/1.14.2
ETag
"5f462848-17411"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
95249
Expires
Sun, 30 Aug 2020 18:02:16 GMT
preloader.b4f75a61aa9987a5b1df52d4cc9388a5.svg
teletype.in/static/images/
326 B
452 B
Image
General
Full URL
https://teletype.in/static/images/preloader.b4f75a61aa9987a5b1df52d4cc9388a5.svg
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
561d54e1c1e1ac073bf1878db1d5bdb28e73d5a060a92a21a3a890ce4ebe3715

Request headers

Referer
https://teletype.in/static/main.0a9e37269530d52fcff7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
W/"5f3a81ff-146"
status
200
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
service-worker-allowed
/
expires
Tue, 01 Sep 2020 17:40:05 GMT
icon_done.d38fe89245814306f850ffff237751d2.svg
teletype.in/static/images/
260 B
434 B
Image
General
Full URL
https://teletype.in/static/images/icon_done.d38fe89245814306f850ffff237751d2.svg
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
fbc7c8325990a632272981a4eee891acf797d4bc7d876132cdbd2991b6650020

Request headers

Referer
https://teletype.in/static/main.0a9e37269530d52fcff7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
W/"5f3a81ff-104"
status
200
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
service-worker-allowed
/
expires
Tue, 01 Sep 2020 17:40:08 GMT
inter_medium.f6cf0a0bc5fce3307e2c426eb14eb752.woff2
teletype.in/static/fonts/
104 KB
104 KB
Font
General
Full URL
https://teletype.in/static/fonts/inter_medium.f6cf0a0bc5fce3307e2c426eb14eb752.woff2
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55

Request headers

Origin
http://ffindemich.com
Referer
https://teletype.in/static/main.0a9e37269530d52fcff7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
"5f3a81ff-19ff4"
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
106484
service-worker-allowed
/
expires
Wed, 02 Sep 2020 13:13:50 GMT
inter_bold.aed27700d84e327fda56b4a427b03061.woff2
teletype.in/static/fonts/
105 KB
105 KB
Font
General
Full URL
https://teletype.in/static/fonts/inter_bold.aed27700d84e327fda56b4a427b03061.woff2
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8

Request headers

Origin
http://ffindemich.com
Referer
https://teletype.in/static/main.0a9e37269530d52fcff7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
"5f3a81ff-1a288"
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
107144
service-worker-allowed
/
expires
Wed, 02 Sep 2020 13:13:56 GMT
inter_regular.4dd66a113d54a7f9a1ae913049610617.woff2
teletype.in/static/fonts/
98 KB
98 KB
Font
General
Full URL
https://teletype.in/static/fonts/inter_regular.4dd66a113d54a7f9a1ae913049610617.woff2
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
164.132.114.207 , France, ASN16276 (OVH, FR),
Reverse DNS
fo1.teletype.in
Software
nginx /
Resource Hash
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814

Request headers

Origin
http://ffindemich.com
Referer
https://teletype.in/static/main.0a9e37269530d52fcff7.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
last-modified
Mon, 17 Aug 2020 13:11:27 GMT
server
nginx
etag
"5f3a81ff-18810"
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
100368
service-worker-allowed
/
expires
Wed, 02 Sep 2020 13:13:50 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91913048-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6396
date
Sun, 30 Aug 2020 15:15:40 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Sun, 30 Aug 2020 17:15:40 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cb2d7dd188b35056c09a404e3c501690c8a761ec7eee5ec6c0271f51814f3044
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
HGb+V1H5aErZe64pTSPaWw==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1781
etag
"f1cecf628eda8ced30938846b9125224"
x-fb-debug
FTw4ilVZwolbddvqHuFl5CEx0QjsAqitgV8Jyh8KLJZL5/f80ZUPkqEZERafqCwMAbTQvcYEJcFu2v2DFCIg1A==
x-fb-trip-id
1781455057
x-fb-content-md5
29c0961020336579a66c509e2cb9ca8b
x-frame-options
DENY
date
Sun, 30 Aug 2020 17:02:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 30 Aug 2020 17:13:09 GMT
platform.js
apis.google.com/js/
49 KB
20 KB
Script
General
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eFGpv5OXqJQEBlou0KLZsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
200
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"81b6c5d10475fc4c0084a56d3b41af80"
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-eFGpv5OXqJQEBlou0KLZsw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 30 Aug 2020 17:02:16 GMT
widgets.js
platform.twitter.com/
95 KB
29 KB
Script
General
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E8) /
Resource Hash
6adaf62612623c674af2f597baf83ffa56f157a9ab69346be7c11a9569fdebbc

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 17:02:16 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Age
1162
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length
28825
x-tw-cdn
VZ
Last-Modified
Thu, 30 Jul 2020 22:04:50 GMT
Server
ECS (fcn/40E8)
Etag
"1dc37899f984d453c1d3d8179829f041+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
OneSignalSDK.js
cdn.onesignal.com/sdks/
8 KB
3 KB
Script
General
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js
Requested by
Host: teletype.in
URL: https://teletype.in/static/main.0a9e37269530d52fcff7.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6825b92753d2d2ddd3fcbb3ec0481c2a48a93917f96e7758da2c330403b5740d

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 30 Aug 2020 17:02:16 GMT
content-encoding
gzip
cf-cache-status
HIT
server
cloudflare
age
3547
etag
W/"07fe8328bd2f934c60350007c3e625e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=43200
cf-ray
5cb014191f83073e-FRA
cf-request-id
04e1eae3aa0000073eaaaef200000001
expires
Mon, 31 Aug 2020 05:02:16 GMT
2021101668138555
connect.facebook.net/signals/config/
524 KB
132 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/2021101668138555?v=2.9.23&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3adcd43de0a1921a9c87eaf7aa8ef5d65d448ea66ac1baab8faa63a5811330ec
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
135235
x-xss-protection
0
pragma
public
x-fb-debug
/STkESG8Yvqkym1dazXHb8bU7HASmNdrSM5NHXNF+K/fN4lXCyo9/XWTsJjxM6IIgNeogSvZQ8cGqBRtITdxiA==
x-fb-trip-id
1781455057
x-frame-options
DENY
date
Sun, 30 Aug 2020 17:02:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=577611252&t=pageview&_s=1&dl=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&ul=en-us&de=UTF-8&dt=Teletype&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91913048-1&cid=229412917.1598806937&jid=833389972&_gid=1439321148.1598806937&gjid=722428785&_v=j83&z=1819035384
35 B
99 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91913048-1&cid=229412917.1598806937&jid=833389972&_gid=1439321148.1598806937&gjid=722428785&_v=j83&z=1819035384
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 30 Aug 2020 17:02:16 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 30 Aug 2020 17:02:16 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-91913048-1&cid=229412917.1598806937&jid=833389972&_gid=1439321148.1598806937&gjid=722428785&_v=j83&z=1819035384
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
1
mc.yandex.ru/watch/42100904/
Redirect Chain
  • https://mc.yandex.ru/watch/42100904?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3A...
  • https://mc.yandex.ru/watch/42100904/1?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%...
186 B
735 B
XHR
General
Full URL
https://mc.yandex.ru/watch/42100904/1?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830190216%3Aet%3A1598806937%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1576530294904%3Arqn%3A1%3Arn%3A771793020%3Ahid%3A102283031%3Ads%3A0%2C29%2C224%2C3%2C0%2C0%2C0%2C246%2C0%2C%2C%2C%2C666%3Afp%3A575%3Awn%3A43898%3Ahl%3A2%3Agdpr%3A14%3Av%3A1928%3Awv%3A2%3Arqnl%3A1%3Ast%3A1598806937%3Au%3A1598806937799931273%3At%3ATeletype
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
f24aeb45936a977c6cc93a4ab3ac5a7baae49e55735fa5771c028c76bbd7f900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 30 Aug 2020 17:02:16 GMT
X-Content-Type-Options
nosniff
Last-Modified
Sun, 30-Aug-2020 17:02:16 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
http://ffindemich.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
186
X-XSS-Protection
1; mode=block
Expires
Sun, 30-Aug-2020 17:02:16 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 30 Aug 2020 17:02:16 GMT
Last-Modified
Sun, 30-Aug-2020 17:02:16 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
http://ffindemich.com
Strict-Transport-Security
max-age=31536000
Location
/watch/42100904/1?wmode=7&page-url=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&charset=utf-8&browser-info=ti%3A10%3Avc%3Ab%3Ans%3A1598806935827%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1600x1200%3Az%3A120%3Ai%3A20200830190216%3Aet%3A1598806937%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Awh%3A1%3Apv%3A1%3Als%3A1576530294904%3Arqn%3A1%3Arn%3A771793020%3Ahid%3A102283031%3Ads%3A0%2C29%2C224%2C3%2C0%2C0%2C0%2C246%2C0%2C%2C%2C%2C666%3Afp%3A575%3Awn%3A43898%3Ahl%3A2%3Agdpr%3A14%3Av%3A1928%3Awv%3A2%3Arqnl%3A1%3Ast%3A1598806937%3Au%3A1598806937799931273%3At%3ATeletype
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Sun, 30-Aug-2020 17:02:16 GMT
sdk.js
connect.facebook.net/en_US/
201 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
850a957de206a60face4e0444063a88f6c782119116188d638b96ba627aa775e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://ffindemich.com
Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
tPYsse4YdM+r8ctt24dCKQ==
status
200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
62246
etag
"bd3e188bfc4afbf07ea39baea7773bb5"
x-fb-debug
LO17sQVMUPywYC4uh80cIhpLZQCC6/LcSqwZMFgRURNGUhQt4xGHKqP03bWZpC7f6PN3mvonXwdbIN7gMWoUbw==
x-fb-trip-id
1781455057
x-fb-content-md5
1899349c715ac68aa4d731d9cac0bd1d
x-frame-options
DENY
date
Sun, 30 Aug 2020 17:02:16 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
expires
Mon, 30 Aug 2021 15:23:32 GMT
advert.gif
mc.yandex.ru/metrika/
43 B
425 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: ffindemich.com
URL: http://ffindemich.com/h42Wb6Lt
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 30 Aug 2020 17:02:16 GMT
Last-Modified
Mon, 06 Jul 2020 15:32:05 GMT
Server
nginx/1.14.2
ETag
"5f0343f5-2b"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 30 Aug 2020 18:02:16 GMT
widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html
platform.twitter.com/widgets/ Frame 393C
0
0
Document
General
Full URL
https://platform.twitter.com/widgets/widget_iframe.3c5aa8e2a38bbbee4b6d88e6846fc657.html?origin=http%3A%2F%2Fffindemich.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E5) /
Resource Hash

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://ffindemich.com/h42Wb6Lt
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ffindemich.com/h42Wb6Lt

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
925042
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sun, 30 Aug 2020 17:02:16 GMT
Etag
"9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified
Thu, 30 Jul 2020 21:53:52 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (fcn/40E5)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
5825
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/
105 KB
35 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdf379f03fb1def6543a61f0d1fb32dfae87274e462e4a611711be3317cb62c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 24 Aug 2020 17:04:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 02 Aug 2020 22:35:54 GMT
server
sffe
age
518288
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
status
200
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35665
x-xss-protection
0
expires
Tue, 24 Aug 2021 17:04:08 GMT
status
www.facebook.com/x/oauth/
0
0
Fetch
General
Full URL
https://www.facebook.com/x/oauth/status?client_id=560168947526654&input_token&origin=1&redirect_uri=http%3A%2F%2Fffindemich.com%2Fh42Wb6Lt&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://ffindemich.com/h42Wb6Lt
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
pragma
no-cache
x-fb-debug
rduN5ymARqQQPi5oWXemPR69bVaR8fOCIkVwm6rIp1X2fzjb4jvdyeCLcKBy7zSdLFTeVYW0ZA+YpYk4JrSDuw==
fb-s
unknown
cache-control
private, no-cache, no-store, must-revalidate
date
Sun, 30 Aug 2020 17:02:16 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
http://ffindemich.com
access-control-expose-headers
fb-s
fb-error-description
"This endpoint may only be called from an HTTPS Origin."
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
iframe
accounts.google.com/o/oauth2/ Frame 6DBF
0
0
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.hc3rLxj9u8o.O/m=auth2/rt=j/sv=1/d=1/ed=1/am=wQE/rs=AGLTcCMtAagp6kGxB19Nep_bTJunj37kww/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7SRDXtja7Eb4RZVmX9Xz9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://ffindemich.com/h42Wb6Lt
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=204=0LVOxRPS31oRQr_AvV-7slEREL968uJbPhnPKscG61n-LwNOcUoSP25CHrnvIl1ODUkGsFJnrXOPpQKYEGa-cFEYW5bIUF4kE-LXi0MvAgoh0R1Y9cafC4KNxQSX5YQiVzsiFJFVifzqy5ThB8QDE_91-7-IGOLwosPz27cmlsE
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://ffindemich.com/h42Wb6Lt

Response headers

status
200
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 30 Aug 2020 17:02:16 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-7SRDXtja7Eb4RZVmX9Xz9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| __INITIAL_STATE__ function| gtag object| dataLayer function| fbq function| _fbq function| ym object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| webpackJsonp function| setImmediate function| clearImmediate function| valueToHSLString object| app object| gaplugins object| gaGlobal object| gaData object| Ya object| yaCounter42100904 object| FB function| fbAsyncInit object| OneSignal object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| gadgets object| osapi object| oauth2

7 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 204=0LVOxRPS31oRQr_AvV-7slEREL968uJbPhnPKscG61n-LwNOcUoSP25CHrnvIl1ODUkGsFJnrXOPpQKYEGa-cFEYW5bIUF4kE-LXi0MvAgoh0R1Y9cafC4KNxQSX5YQiVzsiFJFVifzqy5ThB8QDE_91-7-IGOLwosPz27cmlsE
ffindemich.com/ Name: 44d2d
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjI4M1wiOjE1OTg4MDY5MzV9LFwiY2FtcGFpZ25zXCI6e1wiMTM5XCI6MTU5ODgwNjkzNX0sXCJ0aW1lXCI6MTU5ODgwNjkzNX0ifQ.ZWibVPxSxLWi2xmbJdTltAnqaHKlRs94jaHkdV6oq2A
.ffindemich.com/ Name: _gat_gtag_UA_91913048_1
Value: 1
.ffindemich.com/ Name: _gid
Value: GA1.2.1439321148.1598806937
.ffindemich.com/ Name: _ga
Value: GA1.2.229412917.1598806937
.ffindemich.com/ Name: G_ENABLED_IDPS
Value: google
ffindemich.com/ Name: _subid
Value: 3pca89rpl2ch7t

12 Console Messages

Source Level URL
Text
console-api error URL: https://teletype.in/static/vendors~main.0a9e37269530d52fcff7.bundle.js(Line 2)
Message:
[object DOMException]
console-api error URL: https://teletype.in/static/vendors~main.0a9e37269530d52fcff7.bundle.js(Line 2)
Message:
TypeError: Cannot read property 'matched' of undefined
console-api error URL: https://teletype.in/static/vendors~main.0a9e37269530d52fcff7.bundle.js(Line 2)
Message:
TypeError: Cannot read property 'query' of undefined
console-api log URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js(Line 1)
Message:
OneSignal: Using fallback ES5 Stub for backwards compatibility.
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[fbpixel] 2021101668138555 is unavailable. Go to Events Manager to learn more
console-api debug URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
sdkperf: it took 30 ms and 64994 bytes to load https://connect.facebook.net/en_US/sdk.js
console-api debug URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
sdkperf: asyncstart logged after 198 ms
console-api debug URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
sdkperf: init logged after 202 ms
console-api info URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
domReady
console-api warning URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
The "fb-root" div has not been created, auto-creating
console-api info URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
XFBML Parsing Start 1
console-api info URL: https://connect.facebook.net/en_US/sdk.js?hash=44c85f62379e593190e17341addaa308&ua=modern_es6(Line 52)
Message:
XFBML Parsing Finish 1, 0 tags found

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
cdn.onesignal.com
connect.facebook.net
ffindemich.com
mc.yandex.ru
platform.twitter.com
stats.g.doubleclick.net
teletype.in
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
164.132.114.207
2606:2800:234:59:254c:406:2366:268c
2606:4700::6812:e134
2a00:1450:4001:801::200e
2a00:1450:4001:802::200e
2a00:1450:4001:818::200e
2a00:1450:4001:81c::200d
2a00:1450:4001:820::2008
2a00:1450:400c:c00::9a
2a02:6b8::1:119
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
45.81.225.43
092f3201317b7ef608f6a899d395d36cffcca4d6824f00bc50120e84341c76f2
12128a7962324a8aafc543f78bf344ace1d79985369e931745cb87609421484e
3adcd43de0a1921a9c87eaf7aa8ef5d65d448ea66ac1baab8faa63a5811330ec
43faf91e264eebd35683ef882dedf752aeef4ee3e830ae7e5483e0baaed339b7
4896f60ab77a3b1611def7835777dab61815c7e1d0c2d4ce02619a95876d0f23
4d796be11bec249b91f041f8caaf455bd84b60aed6fcb6be1472a638f2a5dc1e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
561d54e1c1e1ac073bf1878db1d5bdb28e73d5a060a92a21a3a890ce4ebe3715
5d308f3dc654f14af6a600482f41458efe0667eb639ec7bf7ddd784502b8fd55
6825b92753d2d2ddd3fcbb3ec0481c2a48a93917f96e7758da2c330403b5740d
696fa95a5ece545232e0ae61b56ba23b3bd5c17b3a36df8f768326692c682f28
6adaf62612623c674af2f597baf83ffa56f157a9ab69346be7c11a9569fdebbc
6f5e9a23c31da569497ae9c233b3a3176b33da9ecd52caa3b45dea57805a0cf8
77051dc143f431451c9e356fd64c3f2907f55a85cd1ed4e76954f66623bf0d0d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
850a957de206a60face4e0444063a88f6c782119116188d638b96ba627aa775e
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
89d406b02758799cff68155930829b69a9fb49c39de3e264de966466d8cc7814
cb2d7dd188b35056c09a404e3c501690c8a761ec7eee5ec6c0271f51814f3044
cdf379f03fb1def6543a61f0d1fb32dfae87274e462e4a611711be3317cb62c9
f24aeb45936a977c6cc93a4ab3ac5a7baae49e55735fa5771c028c76bbd7f900
fbc7c8325990a632272981a4eee891acf797d4bc7d876132cdbd2991b6650020
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955