www.mydirapp.com Open in urlscan Pro
185.66.41.42 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mydirapp.com/
Submission: On June 07 via api (June 7th 2023, 11:38:46 am UTC) from US — Scanned from ES

Summary HTTP 26 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 9 domains to perform 26 HTTP transactions. The main IP is 185.66.41.42, located in Spain and belongs to CDMON sistemes@cdmon.com, ES. The main domain is www.mydirapp.com.
TLS certificate: Issued by R3 on May 18th 2023. Valid for: 3 months.

This is the only time www.mydirapp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.66.41.42 185.66.41.42	197712 (CDMON sis...) (CDMON sistemes@cdmon.com)
7	161.35.160.191 161.35.160.191	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	151.101.194.182 151.101.194.182	54113 (FASTLY) (FASTLY)
3	99.86.4.99 99.86.4.99	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.55 13.224.189.55	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	52.92.17.250 52.92.17.250	16509 (AMAZON-02) (AMAZON-02)
3	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2	151.101.0.176 151.101.0.176	54113 (FASTLY) (FASTLY)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	52.88.36.97 52.88.36.97	16509 (AMAZON-02) (AMAZON-02)
26	13

1 185.66.41.42 (Spain)

ASN197712 (CDMON sistemes@cdmon.com, ES)
PTR: vxhcf-19.srv.cat

www.mydirapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 161.35.160.191 (Enfield, United Kingdom)

ASN14061 (DIGITALOCEAN-ASN, US)

dir.fisikal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.182 (United States)

ASN54113 (FASTLY, US)

core.spreedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-99.fra6.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-55.fra2.r.cloudfront.net

checkout.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::729 (United States)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.92.17.250 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1-r-w.amazonaws.com

fisikal-ltd-dir.s3.eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.0.176 (United States)

ASN54113 (FASTLY, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.88.36.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-88-36-97.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	stripe.com js.stripe.com — Cisco Umbrella Rank: 1602 checkout.stripe.com — Cisco Umbrella Rank: 14251 q.stripe.com — Cisco Umbrella Rank: 11560 m.stripe.com — Cisco Umbrella Rank: 1484	147 KB
7	fisikal.com dir.fisikal.com	1020 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 969 syndication.twitter.com — Cisco Umbrella Rank: 1165	132 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1741	17 KB
2	spreedly.com core.spreedly.com — Cisco Umbrella Rank: 27379	112 KB
1	amazonaws.com fisikal-ltd-dir.s3.eu-west-1.amazonaws.com	16 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 57	21 KB
1	sentry-cdn.com browser.sentry-cdn.com — Cisco Umbrella Rank: 4672	17 KB
1	mydirapp.com www.mydirapp.com	540 B
26	9

	Domain	Requested by
7	dir.fisikal.com	www.mydirapp.com dir.fisikal.com
3	q.stripe.com	www.mydirapp.com
3	js.stripe.com	dir.fisikal.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	platform.twitter.com	dir.fisikal.com platform.twitter.com
2	core.spreedly.com	dir.fisikal.com
1	m.stripe.com	m.stripe.network
1	syndication.twitter.com	platform.twitter.com
1	fisikal-ltd-dir.s3.eu-west-1.amazonaws.com	dir.fisikal.com
1	www.google-analytics.com	www.mydirapp.com
1	browser.sentry-cdn.com	dir.fisikal.com
1	checkout.stripe.com	dir.fisikal.com
1	www.mydirapp.com
26	13

This site contains no links.

Subject Issuer	Validity	Valid
*.mydirapp.com R3	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.fisikal.com Go Daddy Secure Certificate Authority - G2	`2023-03-25` - `2024-04-25`	a year	crt.sh
core.spreedly.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-12` - `2024-02-13`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2023-05-12` - `2023-08-13`	3 months	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.s3-eu-west-1.amazonaws.com Amazon RSA 2048 M01	`2023-04-11` - `2023-12-23`	8 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-05-25` - `2023-08-23`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-01` - `2023-10-01`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2023-07-26`	4 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.mydirapp.com/
Frame ID: 2E7989C878CF33D42EB74DEAA93D1782
Requests: 1 HTTP requests in this frame

Frame: https://dir.fisikal.com/
Frame ID: 178259361B1241C6A8B2F0C902F58ABD
Requests: 15 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: F3DDE21E14A48085ED729EFDAFA2CD02
Requests: 4 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdir.fisikal.com
Frame ID: FE3918783859E84E4E8B4165FA24CB58
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 9AE2E51D42274DE3FF66BDBD407550C6
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MyDiRApp

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

26
Requests

100 %
HTTPS

23 %
IPv6

9
Domains

13
Subdomains

13
IPs

4
Countries

1481 kB
Transfer

7230 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mydirapp.com/ 583 B
540 B 203ms
45ms Document
text/html 185.66.41.42
CDMON sistemes@cd...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mydirapp.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.66.41.42 , Spain, ASN197712 (CDMON sistemes@cdmon.com, ES),
Reverse DNS: vxhcf-19.srv.cat
Software: Apache /
Resource Hash: 90940cc89acecdf426c69c80c234e7539a5ab7d288bb5bebdb0bec0971642fb0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 393
content-type: text/html
date: Wed, 07 Jun 2023 11:38:41 GMT
etag: "247-5918fb8e63a00-gzip"
last-modified: Mon, 02 Sep 2019 10:49:12 GMT
server: Apache
vary: Accept-Encoding

GET
H/1.1 200
OK / Show response
dir.fisikal.com/ Frame 1782 360 KB
85 KB 827ms
581ms Document
text/html 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dir.fisikal.com/

Requested by

Host: www.mydirapp.com
URL: https://www.mydirapp.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R)

Resource Hash

0399d7a5ed26c6bef1471b32e98ccffbd39ae72e4096e2b6a453b03584242c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.mydirapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jun 2023 11:38:42 GMT
ETag: W/"729e80d46f07c01680bd1f2af0330a68"
Server: nginx + Phusion Passenger(R)
Status: 200 OK
Transfer-Encoding: chunked
Vary: Accept-Encoding Origin
X-Content-Type-Options: nosniff
X-Powered-By: Phusion Passenger(R)
X-Request-Id: c8fda500-e1bb-4656-b2f5-449a136ed70f
X-Runtime: 0.501472
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK styles-5601b8292fdc42bf79646a352eb2a00a.css
dir.fisikal.com/assets/ Frame 1782 2 MB
194 KB 279ms
142ms Stylesheet
text/css 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dir.fisikal.com/assets/styles-5601b8292fdc42bf79646a352eb2a00a.css
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: 3883e5ca0a5cb09e65c9253cb6115dbff8337a0dce8456c46da7e344407e4b35

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 11:38:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 23:08:39 GMT
Server: nginx
ETag: W/"6466aff7-240e2f"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=315360000
Expires: Sat, 04 Jun 2033 11:38:42 GMT

GET
H2 200 iframe-v1.min.js Show response
core.spreedly.com/iframe/ Frame 1782 79 KB
79 KB 135ms
33ms Script
text/javascript 151.101.194.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/iframe-v1.min.js

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5507bc4873157a39d6e538706615b7a8a868dde324ffa4ad6e9407d055b928f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Wed, 07 Jun 2023 11:38:42 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: VQBYQMJX607R3VXJ
age: 2914
x-cache: MISS, HIT
content-length: 80642
x-amz-id-2: siT5HqhP+29AvOECcUtzbxuGTbd8/lOaJDVEgxgxPYcZLNKd5OuPzlKU3qwOr6FGzZvnd2VzIL8=
x-served-by: cache-mad22073-MAD, cache-mad22027-MAD
last-modified: Tue, 06 Jun 2023 14:54:05 GMT
server: AmazonS3
x-timer: S1686137923.914961,VS0,VE0
etag: "d320d5db57a0908f2bb1b63cd3736128"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 28

GET
H2 200 express-2.min.js Show response
core.spreedly.com/iframe/ Frame 1782 32 KB
33 KB 135ms
32ms Script
text/javascript 151.101.194.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://core.spreedly.com/iframe/express-2.min.js

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

4a1691d4a5382b3cad39defd98ba4f0ba94d6b7bd5dd534ca2e01e30ed6e0c7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: null
via: 1.1 varnish, 1.1 varnish
date: Wed, 07 Jun 2023 11:38:42 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: A9EGX9T112DQAQJ6
age: 564
x-cache: MISS, HIT
content-length: 32981
x-amz-id-2: +HsMpaPaeoyQErq9zLHrkbLO/Mm7QM1zWo1ZPSwFEISOr3Htp8gxvtP12RVBA/66J2wAqeGw6oA=
x-served-by: cache-mad2200145-MAD, cache-mad22027-MAD
last-modified: Tue, 06 Jun 2023 14:54:03 GMT
server: AmazonS3
x-timer: S1686137923.914928,VS0,VE0
etag: "0f5c38ffae2dbc057de46988868fbd76"
content-type: text/javascript
accept-ranges: bytes
x-cache-hits: 0, 2

GET
H/1.1 200
OK scripts-f74fc0de79c7abf0febbb9e128573343.js Show response
dir.fisikal.com/assets/ Frame 1782 3 MB
682 KB 218ms
78ms Script
application/javascript 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dir.fisikal.com/assets/scripts-f74fc0de79c7abf0febbb9e128573343.js
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: d519f534add36e3c37ac40f5d673f3f63fb8710a4d6c2fdaaf098e5745e632f5

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 11:38:42 GMT
Content-Encoding: gzip
Last-Modified: Thu, 18 May 2023 23:09:10 GMT
Server: nginx
ETag: W/"6466b016-31e848"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=315360000
Expires: Sat, 04 Jun 2033 11:38:42 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 1782 490 KB
119 KB 216ms
67ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

802577275305cc2424ee390687bb422493341fc122673926d5f79e5eddcf42cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 11:37:56 GMT
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 46
x-cache: Hit from cloudfront
last-modified: Tue, 06 Jun 2023 21:24:20 GMT
server: Cloudfront
etag: W/"600186f934512edf5637feeb2c5f52bb"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: 1SRptuQRXEyy1IwLbOQXtVHC-Rg-5lEOXH1cYWZ_AqRH1-z0f8nP5A==

GET
H2 200 checkout.js Show response
checkout.stripe.com/ Frame 1782 88 KB
23 KB 212ms
66ms Script
application/javascript 13.224.189.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.stripe.com/checkout.js

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-55.fra2.r.cloudfront.net

Software

Cloudfront /

Resource Hash

18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 11:38:19 GMT
last-modified: Wed, 13 Jul 2022 15:14:21 GMT
server: Cloudfront
via: 1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
etag: W/"9df39fdc36e7b7d12c767cc16f78989c"
age: 35
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=60
x-amz-cf-id: bNHYS_6DPmqQoh5ZkGAlVrqPYTAqyqwzyiP0MmQdyLS5uAnMMB4-8g==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/5.15.4/ Frame 1782 55 KB
17 KB 100ms
32ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/5.15.4/bundle.min.js

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f3ab37964da3b39c09a8142fc860291173532f6b260ccbcc60b466b30bdd1d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://dir.fisikal.com/
Origin: https://dir.fisikal.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 11:38:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 27 Mar 2020 13:45:23 GMT
server: Fastly
age: 16258293
etag: "aced39c04469e402dc2b6fe4779238f6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17452
expires: Fri, 01 Dec 2023 07:27:09 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ Frame 1782 91 KB
28 KB 131ms
32ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mdr/66A0) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 11:38:43 GMT
Content-Encoding: gzip
Age: 252
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (mdr/66A0)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H/1.1 200
OK font-dd120123d50a6bf3eee62b471b55ae62.woff
dir.fisikal.com/assets/employer/guest/helvetica_light_normal/ Frame 1782 19 KB
19 KB 72ms
71ms Font
application/font-woff 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font-dd120123d50a6bf3eee62b471b55ae62.woff
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/assets/styles-5601b8292fdc42bf79646a352eb2a00a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx /
Resource Hash: ca924460289d062d867f02113b9de7d76ed3f253f992966f410fb37d2f4d9b28

Request headers

Referer: https://dir.fisikal.com/assets/styles-5601b8292fdc42bf79646a352eb2a00a.css
Origin: https://dir.fisikal.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 11:38:43 GMT
Last-Modified: Thu, 18 May 2023 22:52:42 GMT
Server: nginx
ETag: "6466ac3a-4a34"
Content-Type: application/font-woff
Cache-Control: max-age=315360000
Accept-Ranges: bytes
Content-Length: 18996
Expires: Sat, 04 Jun 2033 11:38:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 1782 51 KB
21 KB 194ms
62ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mydirapp.com
URL: https://www.mydirapp.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Jun 2023 11:04:48 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 2035
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Wed, 07 Jun 2023 13:04:48 GMT

GET
H/1.1 200
OK lookup Show response
dir.fisikal.com/api/web/locations/ Frame 1782 951 B
1 KB 137ms
137ms XHR
application/json 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://dir.fisikal.com/api/web/locations/lookup?json=%7B%22filter%22%3A%5B%7B%22by%22%3A%22parent_id%22%2C+%22with%22%3Anull%7D%2C+%7B%22by%22%3A%22hidden%22%2C+%22with%22%3Afalse%7D%5D%2C+%22limit%22%3A%7B%22start%22%3A0%2C+%22count%22%3A10%7D%7D

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/assets/scripts-f74fc0de79c7abf0febbb9e128573343.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R)

Resource Hash

928054d2dfd508e2d7a74c9726ef6a995f2ea0261e8eabf08dc90aa2a94aac2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://dir.fisikal.com/
X-CSRF-Token: /fiLTs3JjwximSklRkoXRMUd5h+NynfjWhaaxv84YpN7VRJnf0nBGNXEeWS1LvKjRxwjaXIHs4qLTsG2azDJkg==
X-Requested-With: XMLHttpRequest
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Runtime: 0.061452
Date: Wed, 07 Jun 2023 11:38:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx + Phusion Passenger(R)
ETag: W/"e8b60f1dc1d4996581f5e5def3d4f971"
X-Powered-By: Phusion Passenger(R)
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: 0ff8af27-f385-44bd-ad84-668db4e03e20

GET
H/1.1 200
OK lookup Show response
dir.fisikal.com/api/web/locations/ Frame 1782 951 B
1 KB 122ms
121ms XHR
application/json 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: dir.fisikal.com
URL: https://dir.fisikal.com/assets/scripts-f74fc0de79c7abf0febbb9e128573343.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R)

Resource Hash

928054d2dfd508e2d7a74c9726ef6a995f2ea0261e8eabf08dc90aa2a94aac2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://dir.fisikal.com/
X-CSRF-Token: /fiLTs3JjwximSklRkoXRMUd5h+NynfjWhaaxv84YpN7VRJnf0nBGNXEeWS1LvKjRxwjaXIHs4qLTsG2azDJkg==
X-Requested-With: XMLHttpRequest
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Runtime: 0.041398
Date: Wed, 07 Jun 2023 11:38:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx + Phusion Passenger(R)
ETag: W/"e8b60f1dc1d4996581f5e5def3d4f971"
X-Powered-By: Phusion Passenger(R)
Transfer-Encoding: chunked
Vary: Accept-Encoding, Origin
Content-Type: application/json; charset=utf-8
Status: 200 OK
Cache-Control: max-age=0, private, must-revalidate
X-XSS-Protection: 1; mode=block
X-Request-Id: b341db82-74aa-4ca2-8f47-62bb6e5002a0

GET
H/1.1 200
OK dir-logo_blanc_16_9_small_square.png
fisikal-ltd-dir.s3.eu-west-1.amazonaws.com/public/club_logos/6/ Frame 1782 16 KB
16 KB 228ms
80ms Image
image/png 52.92.17.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fisikal-ltd-dir.s3.eu-west-1.amazonaws.com/public/club_logos/6/dir-logo_blanc_16_9_small_square.png
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.92.17.250 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f51ba67723a71d4c26ce5cf560de10e446c9953e14454763d6e27e0a6e9d56f

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://dir.fisikal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Wed, 07 Jun 2023 11:38:44 GMT
Last-Modified: Fri, 21 Jan 2022 09:19:50 GMT
Server: AmazonS3
x-amz-request-id: N1H5JDBFJ4EN39PN
ETag: "7e205a899587f7c7a40f239b680ab58e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16213
x-amz-id-2: glupwI8JQl3x/yauLOMXAKpbA+EadaQ7Jswpu8VtOYJayFiw9gcr+wVWCAFSuRWvLphQtQWl6Y4=

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame F3DD 200 B
1 KB 60ms
59ms Document
text/html 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://dir.fisikal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 32
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 11:38:12 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Tue, 23 May 2023 20:52:13 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-id: Kew1wXitAbRonyBIBcE4GUWB5i8R6G4oiC-VBFNyhGgm-qOkKbHsvw==
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H/1.1 200
OK font.ttf
dir.fisikal.com/assets/employer/guest/helvetica_light_normal/ Frame 1782 37 KB
37 KB 154ms
153ms Font
application/octet-stream 161.35.160.191
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font.ttf
Requested by: Host: dir.fisikal.com
URL: https://dir.fisikal.com/assets/styles-5601b8292fdc42bf79646a352eb2a00a.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 161.35.160.191 Enfield, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx + Phusion Passenger(R) / Phusion Passenger(R)
Resource Hash: 642bc4679d8595568801875ed8045c707434c36f2c2c3525801a041e604b9750

Request headers

Referer: https://dir.fisikal.com/assets/styles-5601b8292fdc42bf79646a352eb2a00a.css
Origin: https://dir.fisikal.com
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

X-Runtime: 0.005734
Date: Wed, 07 Jun 2023 11:38:43 GMT
Last-Modified: Tue, 08 Jun 2021 00:02:40 GMT
Server: nginx + Phusion Passenger(R)
ETag: "a159fa0966f75ca496f409f92f3a7134"
X-Powered-By: Phusion Passenger(R)
Vary: Origin
Access-Control-Max-Age: 7200
Content-Type: application/octet-stream
Status: 200 OK
Access-Control-Allow-Origin: https://dir.fisikal.com
Cache-Control: public, must-revalidate
Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE
Content-Length: 37774
X-Request-Id: cd518b34-e224-4d24-be49-f99256e155ea

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame F3DD 631 B
1 KB 59ms
58ms Script
text/javascript 99.86.4.99
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.99 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-99.fra6.r.cloudfront.net

Software

Cloudfront /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 07 Jun 2023 11:38:06 GMT
x-content-type-options: nosniff
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 37
x-cache: Hit from cloudfront
content-length: 631
last-modified: Thu, 25 May 2023 20:16:52 GMT
server: Cloudfront
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: xfnkM6AjsUCeoQlgCLEHxlle6VcNgzhEij0NOYVmS4kAOH8V5Z1B3g==

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame FE39 320 KB
104 KB 34ms
34ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdir.fisikal.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mdr/66A1) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://dir.fisikal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3420383
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Jun 2023 11:38:43 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mdr/66A1)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

POST
H2 200 csp-report
q.stripe.com/ Frame F3DD 0
717 B 718ms
198ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.mydirapp.com
URL: https://www.mydirapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Jun 2023 11:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686137924398634
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686137924398102
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame F3DD 0
717 B 718ms
199ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.mydirapp.com
URL: https://www.mydirapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Jun 2023 11:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686137924398831
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1686137924398178
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 9AE2 930 B
1 KB 117ms
32ms Document
text/html 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: es-ES,es;q=0.9

Response headers

accept-ranges: bytes
age: 66
cache-control: max-age=300, public
content-encoding: gzip
content-length: 527
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Wed, 07 Jun 2023 11:38:43 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 52
x-content-type-options: nosniff
x-request-id: 4b69e59a-862b-4da1-b581-b56be0785140
x-served-by: cache-mad22086-MAD
x-timer: S1686137924.882722,VS0,VE0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame FE39 869 B
660 B 300ms
167ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=a615359cc863143ad0b5e8a447f61ce1f3c0b926

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fdir.fisikal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-response-time: 105
date: Wed, 07 Jun 2023 11:38:43 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Wed, 07 Jun 2023 11:38:44 GMT
server: tsa_f
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 4027ae5e8de78d3d
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 6d7531eb817dc7888ea451363c7cd0373f7dd49671fda944cf625fd1d4b8b9b7
content-length: 337

POST
H2 200 csp-report
q.stripe.com/ Frame 9AE2 0
492 B 586ms
198ms Other
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.mydirapp.com
URL: https://www.mydirapp.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-119-242.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 07 Jun 2023 11:38:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686137924398343
x-envoy-upstream-service-time: 0
content-length: 0
x-stripe-bg-intended-route-color: green
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1686137924398142
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 9AE2 86 KB
16 KB 34ms
34ms Script
text/javascript 151.101.0.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.0.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: es-ES,es;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Wed, 07 Jun 2023 11:38:43 GMT
x-content-type-options: nosniff
content-encoding: gzip
via: 1.1 varnish
age: 72
x-cache: HIT
content-length: 16031
x-request-id: d429a97c-c4a6-43bd-b3bf-f71c6c964337
x-served-by: cache-mad22086-MAD
server: Fastly
x-timer: S1686137924.926277,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 54

POST
H2 200 6 Show response
m.stripe.com/ Frame 9AE2 156 B
669 B 615ms
202ms XHR
application/json 52.88.36.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.88.36.97 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-88-36-97.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f8c882134d7fbd2479ec019df7b44493ebc55d88aa7b71cb040ce8ca3df39921

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: es-ES,es;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Wed, 07 Jun 2023 11:38:44 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1686137924508284
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1686137924507676
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless object| onbeforetoggle object| onscrollend

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dir.fisikal.com/	1970-01-20 21:58:17	Name: visitor_uuid Value: a39a57b6-b2b1-40e7-aea0-e197ce5bd5be
dir.fisikal.com/	1969-12-31 23:59:59	Name: fisikal_v2_session Value: aWN2UjlpOVJSNGZkbXpvYjdMTlBIVmtPTlZhNXBRM3JHME1DMDJ5aFVGZ28veStucU1ucWpIYnFQczJpYkpqakk1ak5NZ3NzZXFiWUxRSnByWUF2ZmNrcG12UFRYemk1aS81MnNrOVloOXo2YlJOT0NhcVRLZkNVZTdwTE02bXh2OFlQYjRodHAwMklJZkdsTXNtUDlJWTQzNTJzZVlrS2xjYWNValFGaERCcWhRcmx5ZWMra0pRWHY5MGFXTHliK1FpaU4zK1UzQjdTbHhwb2VscWg5QT09LS1XR1hOTFNzeVgxV0FBZU9MMERkVkRBPT0%3D--12f81a09d4157708d5ddacd53c2930f21b89b17f
m.stripe.com/	1970-01-20 21:58:17	Name: m Value: d248c236-94ec-4170-b19e-56ed8d42c3014965d3

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dir.fisikal.com/#/branded Message: Failed to decode downloaded font: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font-dd120123d50a6bf3eee62b471b55ae62.woff
other	warning	URL: https://dir.fisikal.com/#/branded Message: OTS parsing error: cmap: Failed to parse table
other	warning	URL: https://dir.fisikal.com/#/branded Message: Failed to decode downloaded font: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font-dd120123d50a6bf3eee62b471b55ae62.woff
other	warning	URL: https://dir.fisikal.com/#/branded Message: OTS parsing error: cmap: Failed to parse table
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
other	warning	URL: https://dir.fisikal.com/#/branded Message: Failed to decode downloaded font: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font.ttf
other	warning	URL: https://dir.fisikal.com/#/branded Message: OTS parsing error: cmap: Failed to parse table
other	warning	URL: https://dir.fisikal.com/#/branded Message: Failed to decode downloaded font: https://dir.fisikal.com/assets/employer/guest/helvetica_light_normal/font.ttf
other	warning	URL: https://dir.fisikal.com/#/branded Message: OTS parsing error: cmap: Failed to parse table

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

browser.sentry-cdn.com
checkout.stripe.com
core.spreedly.com
dir.fisikal.com
fisikal-ltd-dir.s3.eu-west-1.amazonaws.com
js.stripe.com
m.stripe.com
m.stripe.network
platform.twitter.com
q.stripe.com
syndication.twitter.com
www.google-analytics.com
www.mydirapp.com
104.244.42.72
13.224.189.55
151.101.0.176
151.101.194.182
161.35.160.191
185.66.41.42
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:82b::200e
2a04:4e42:200::729
52.88.36.97
52.92.17.250
54.187.119.242
99.86.4.99
0399d7a5ed26c6bef1471b32e98ccffbd39ae72e4096e2b6a453b03584242c1d
18781492fefe9e0fb34b391582891c3d0700908f2c991f91f506de046f5c3c8c
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3883e5ca0a5cb09e65c9253cb6115dbff8337a0dce8456c46da7e344407e4b35
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
4a1691d4a5382b3cad39defd98ba4f0ba94d6b7bd5dd534ca2e01e30ed6e0c7b
5507bc4873157a39d6e538706615b7a8a868dde324ffa4ad6e9407d055b928f4
642bc4679d8595568801875ed8045c707434c36f2c2c3525801a041e604b9750
7f51ba67723a71d4c26ce5cf560de10e446c9953e14454763d6e27e0a6e9d56f
802577275305cc2424ee390687bb422493341fc122673926d5f79e5eddcf42cb
90940cc89acecdf426c69c80c234e7539a5ab7d288bb5bebdb0bec0971642fb0
928054d2dfd508e2d7a74c9726ef6a995f2ea0261e8eabf08dc90aa2a94aac2e
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ca924460289d062d867f02113b9de7d76ed3f253f992966f410fb37d2f4d9b28
d519f534add36e3c37ac40f5d673f3f63fb8710a4d6c2fdaaf098e5745e632f5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f3ab37964da3b39c09a8142fc860291173532f6b260ccbcc60b466b30bdd1d82
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f8c882134d7fbd2479ec019df7b44493ebc55d88aa7b71cb040ce8ca3df39921

www.mydirapp.com Open in urlscan Pro 185.66.41.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

23 %IPv6

9 Domains

13 Subdomains

13 IPs

4 Countries

1481 kBTransfer

7230 kBSize

3 Cookies

0 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

3 Cookies

9 Console Messages

Indicators

www.mydirapp.com Open in urlscan Pro
185.66.41.42 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

23 %
IPv6

9
Domains

13
Subdomains

13
IPs

4
Countries

1481 kB
Transfer

7230 kB
Size

3
Cookies

26 HTTP transactions
0 data transactions