ftm.tc Open in urlscan Pro
63.32.161.232  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request bk-xxej Show response ftm.tc/	5 KB 6 KB	174ms 63ms	Document text/html	63.32.161.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-161-232.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash dd0c85f1deb2840cc96ff14c9e30908f2db63c419f5eb600d07d4eacdb531c91 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers Cache-Control max-age=0, private, must-revalidate Connection keep-alive Content-Type text/html; charset=utf-8 Date Sun, 12 Nov 2023 15:32:09 GMT Etag W/"dd0c85f1deb2840cc96ff14c9e30908f" Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Referrer-Policy strict-origin-when-cross-origin Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D"}]} Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D Server Cowboy Strict-Transport-Security max-age=31536000; includeSubDomains Transfer-Encoding chunked Via 1.1 vegur X-Content-Type-Options nosniff X-Download-Options noopen X-Frame-Options SAMEORIGIN X-Permitted-Cross-Domain-Policies none X-Request-Id 65365e48-22f7-4941-86c5-8cf9c7f52de4 X-Runtime 0.019494 X-Xss-Protection 1; mode=block
GET H/1.1	200 OK	application-7e20aa9a5e7a698f4e4655b184213e0282304471824f597ad6b891a90077260d.css ftm.tc/assets/	144 KB 24 KB	43ms 42ms	Stylesheet text/css	63.32.161.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ftm.tc/assets/application-7e20aa9a5e7a698f4e4655b184213e0282304471824f597ad6b891a90077260d.css Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-161-232.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash 7e20aa9a5e7a698f4e4655b184213e0282304471824f597ad6b891a90077260d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/bk-xxej User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sun, 12 Nov 2023 15:32:09 GMT Content-Encoding gzip Via 1.1 vegur Strict-Transport-Security max-age=31536000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Sat, 07 Jan 2023 12:41:03 GMT Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D"}]} Content-Type text/css Connection keep-alive Content-Length 23257 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D
GET H/1.1	200 OK	application-a0a2447fa500050455d41fbb8d15c0d0bffa1873e30532292109301339fc6efc.js Show response ftm.tc/assets/	158 KB 48 KB	132ms 42ms	Script application/javascript	63.32.161.232 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://ftm.tc/assets/application-a0a2447fa500050455d41fbb8d15c0d0bffa1873e30532292109301339fc6efc.js Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-161-232.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash a0a2447fa500050455d41fbb8d15c0d0bffa1873e30532292109301339fc6efc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/bk-xxej User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sun, 12 Nov 2023 15:32:09 GMT Content-Encoding gzip Via 1.1 vegur Strict-Transport-Security max-age=31536000; includeSubDomains Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Wed, 03 Nov 2021 14:28:12 GMT Vary Accept-Encoding Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D"}]} Content-Type application/javascript Connection keep-alive Content-Length 48781 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D
GET H/1.1	200 OK	logo--whipflash--white-5d35d611d14de6085d01101cf1ed9c9a263479ff0475637dddbb6a069b76eb48.png ftm.tc/assets/	7 KB 8 KB	133ms 43ms	Image image/png	63.32.161.232 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://ftm.tc/assets/logo--whipflash--white-5d35d611d14de6085d01101cf1ed9c9a263479ff0475637dddbb6a069b76eb48.png Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 63.32.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-63-32-161-232.eu-west-1.compute.amazonaws.com Software Cowboy / Resource Hash 5d35d611d14de6085d01101cf1ed9c9a263479ff0475637dddbb6a069b76eb48 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/bk-xxej User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sun, 12 Nov 2023 15:32:09 GMT Strict-Transport-Security max-age=31536000; includeSubDomains Via 1.1 vegur Nel {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]} Server Cowboy Last-Modified Thu, 05 Jan 2023 15:11:48 GMT Report-To {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D"}]} Content-Type image/png Connection keep-alive Content-Length 7478 Reporting-Endpoints heroku-nel=https://nel.heroku.com/reports?ts=1699803130&sid=c4c9725f-1ab0-44d8-820f-430df2718e11&s=pppbyPgCT%2B8uhiiN4vH2DuQrXDNYMSAIme1kwVpGuB4%3D
GET H/1.1	200 OK	e98c176de5362d68b47e61f511c7bf551f139362.gif fotobas-web.s3.amazonaws.com/uploads/vends/3d22239725aeebdaf533c61aec19ef5293898214/	2 MB 2 MB	150ms 62ms	Image image/gif	52.95.144.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fotobas-web.s3.amazonaws.com/uploads/vends/3d22239725aeebdaf533c61aec19ef5293898214/e98c176de5362d68b47e61f511c7bf551f139362.gif Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.144.39 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS s3-w.eu-west-2.amazonaws.com Software AmazonS3 / Resource Hash cbbf64f1937df8d0b0f84bff1d4c238e39e4b5a41ac0bd1d94af49330b1cf074 Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sun, 12 Nov 2023 15:32:11 GMT Last-Modified Sat, 11 Nov 2023 19:56:23 GMT Server AmazonS3 x-amz-request-id EPMH3KTX8QBSFADV ETag "a07abdc2cefc5c1b5311d143e4bd9c84" x-amz-server-side-encryption AES256 Content-Type image/gif Cache-Control public, max-age=15724800 Accept-Ranges bytes Content-Length 2449223 x-amz-id-2 6kkxX0Zh6/52kuMWOY6FNtZO66fGtOsZtlSEKWLat6+IeZz2JxCp5xC+cFpJSm08Hl1wQS7ehgc=
GET H/1.1	200 OK	bf0ea82cd61020de32eb678258b5130c9e2856da.jpeg fotobas-web.s3.amazonaws.com/uploads/vends/05fa5cec7ccc4a73364ea2d2e8d0563c1c08c055/	719 KB 720 KB	122ms 61ms	Image image/jpeg	52.95.144.39 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://fotobas-web.s3.amazonaws.com/uploads/vends/05fa5cec7ccc4a73364ea2d2e8d0563c1c08c055/bf0ea82cd61020de32eb678258b5130c9e2856da.jpeg Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.95.144.39 London, United Kingdom, ASN16509 (AMAZON-02, US), Reverse DNS s3-w.eu-west-2.amazonaws.com Software AmazonS3 / Resource Hash 09574e73ca56fb461f37f18fbe6c2ad790b68a8cf24c9044c00512612965e7ee Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers Date Sun, 12 Nov 2023 15:32:11 GMT Last-Modified Sat, 11 Nov 2023 19:56:31 GMT Server AmazonS3 x-amz-request-id EPMPNG36DNWMZDV2 ETag "7bdf886dd8a071e454831093267adc0b" x-amz-server-side-encryption AES256 Content-Type image/jpeg Cache-Control public, max-age=15724800 Accept-Ranges bytes Content-Length 736581 x-amz-id-2 M0YYnEVI0XzzZErM7E4mc8CBGFnCX+r7y1rr/CD7v1k6gyz++QQErTVcxLjjpZPFeI/T4Szx9W4=
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	135ms 42ms	Script text/javascript	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 12 Nov 2023 13:51:30 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 6040 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 12 Nov 2023 15:51:30 GMT
GET H2	200	sdk.js Show response connect.facebook.net/en_US/	3 KB 2 KB	329ms 242ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 1b61eed53f5e2abc502be5b223a3bfe0fb49ca4f1e8e3317bfcd5938ba37fdaa Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 12 Nov 2023 15:32:10 GMT content-md5 +5jd5Jxf0LJNHFpeXYlVCw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1686 reporting-endpoints x-fb-debug 6BcyjjHJvROwdbOj75TVvxmYlZoyuVnzmXN95pnaZjU1BdyGFOVBbNaiASisIrrnt8EU8jpdLCwscxW2aQ/RuA== x-fb-content-md5 b2e30e420efd14ccb3f76be861c21c37 cross-origin-opener-policy same-origin-allow-popups etag "5bf0546cff2c7caf03d4bae8b7236976" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * expires Sun, 12 Nov 2023 15:36:54 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	16 B 153 B	92ms 92ms	XHR text/plain	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=338188575&t=pageview&_s=1&dl=https%3A%2F%2Fftm.tc%2Fbk-xxej&ul=en-us&de=UTF-8&dt=Another%20WhipFlash%20classic!%20%F0%9F%93%B7%20%7C%20WhipFlash%20%40%20LHG%20%7C%20Brewpub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=864426914&gjid=571792395&cid=1769310508.1699803131&tid=UA-114896730-2&_gid=1915462709.1699803131&_r=1&_slc=1&z=577837383 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 301bc47a155f62b7052563d890504a13169ad13e7e012bc988c88f01386daf66 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://ftm.tc/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 12 Nov 2023 15:32:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ftm.tc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	collect www.google-analytics.com/	35 B 194 B	82ms 81ms	Image image/gif	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google-analytics.com/collect?v=1&_v=j101&a=338188575&t=pageview&_s=2&dl=https%3A%2F%2Fftm.tc%2Fbk-xxej&ul=en-us&de=UTF-8&dt=Another%20WhipFlash%20classic!%20%F0%9F%93%B7%20%7C%20WhipFlash%20%40%20LHG%20%7C%20Brewpub&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1769310508.1699803131&tid=UA-114896730-2&_gid=1915462709.1699803131&cd1=booth-20&z=673038819 Requested by Host: ftm.tc URL: https://ftm.tc/bk-xxej Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sun, 12 Nov 2023 02:18:02 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 age 47648 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 35 expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 339 B	114ms 36ms	XHR text/plain	2a00:1450:400c:c00::9a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-114896730-2&cid=1769310508.1699803131&jid=864426914&gjid=571792395&_gid=1915462709.1699803131&_u=IEBAAEAAAAAAACAAI~&z=1930284484 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://ftm.tc/ accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 12 Nov 2023 15:32:10 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ftm.tc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	227 KB 81 KB	155ms 58ms	Script application/javascript	2a00:1450:4001:806::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-MVS4GXZ072&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 19b513bba6e81b85fe60cc3bce36f758658dc0a0f6077301ac667419ae95ec6b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers date Sun, 12 Nov 2023 15:32:10 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 82804 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 12 Nov 2023 15:32:10 GMT
GET H3	200	sdk.js Show response connect.facebook.net/en_US/	302 KB 86 KB	89ms 44ms	Script application/x-javascript	2a03:2880:f083:9:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/sdk.js?hash=ac2837d26d4ce2da1e5fd5ac6754b8f8 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/sdk.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash bbc5f7194705de6f31ffbbe63524652ffc8bbd336d3e344da15cd547af9a59d4 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://ftm.tc/ Origin https://ftm.tc accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Sun, 12 Nov 2023 15:32:10 GMT content-md5 bNJL6SfjhJZoYDulw8AQWw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88331 reporting-endpoints x-fb-debug fm05gqFiDLv8V2z8hL8oGz1hC8sMVW5b1AIGJq9gDM2u3iKH//VCU1IS12OqSNBfP4E4YJw+NyC7oy0deJL3pQ== x-fb-content-md5 3622cb3ae9c3f650166012313676fab4 cross-origin-opener-policy same-origin-allow-popups etag "ecd6f0dee7849bcfd27bfed42d728fa2" vary Accept-Encoding x-frame-options DENY content-type application/x-javascript; charset=utf-8 access-control-allow-origin * origin-agent-cluster ?0 access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable permissions-policy accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=() timing-allow-origin * priority u=3,i expires Mon, 11 Nov 2024 14:48:53 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 247 B	124ms 36ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-MVS4GXZ072&gtm=45je3b81v9123091505&_p=1699803130783&gcd=11l1l1l1l2&dma=0&ul=en-us&sr=1600x1200&cid=1769310508.1699803131&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EBAI&_s=1&dl=https%3A%2F%2Fftm.tc%2Fbk-xxej&dt=Another%20WhipFlash%20classic!%20%F0%9F%93%B7%20%7C%20WhipFlash%20%40%20LHG%20%7C%20Brewpub&sid=1699803131&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1051 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-MVS4GXZ072&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://ftm.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36 Response headers pragma no-cache date Sun, 12 Nov 2023 15:32:11 GMT server Golfe2 content-type text/plain access-control-allow-origin https://ftm.tc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| GoogleAnalyticsObject function| ga function| stripeSourceHandler function| addFieldToForm function| $ function| jQuery object| Rails boolean| _rails_loaded object| Turbolinks object| ActionCable object| App function| fbAsyncInit object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer object| FB object| __buffer object| google_tag_manager

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			ftm.tc/	1970-01-20 16:53:15	Name: split Value: %7B%22online_ordering_cta%3A2%22%3A%22Order+extra+copies%22%7D
			ftm.tc/	1969-12-31 23:59:59	Name: _fotobas_session Value: LzYrMVQ2b3VCN1d0VUNiSWZLaHBCUDNKeG9jaTIrZ2hBc1lIcnFhU3RLSzRsN2FQSngyaTBFT1ovczBKOU9ONU9lMm1qcGFET2R3NUdRMFFwWGFJdUY0UUdHeUJRY3R1RkFwaTlXTXNDZXpTbVBDUVltamxhSTJyblVLMGJMOHNXVkIwYjJBSTBQdTJpT1JJekFkMjV3PT0tLVUvb1pjTWJ2M0RwZjF4Z1BWamhKRGc9PQ%3D%3D--cf767d580a4e28d5420d46bf8d72bd92d03830f8
			.ftm.tc/	1970-01-21 01:46:03	Name: _ga Value: GA1.2.1769310508.1699803131
			.ftm.tc/	1970-01-20 16:11:29	Name: _gid Value: GA1.2.1915462709.1699803131
			.ftm.tc/	1970-01-20 16:10:03	Name: _gat Value: 1
			.ftm.tc/	1970-01-21 01:46:03	Name: _ga_MVS4GXZ072 Value: GS1.2.1699803131.1.1.1699803131.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

connect.facebook.net
fotobas-web.s3.amazonaws.com
ftm.tc
region1.google-analytics.com
stats.g.doubleclick.net
www.google-analytics.com
www.googletagmanager.com
2001:4860:4802:34::36
2a00:1450:4001:806::2008
2a00:1450:4001:810::200e
2a00:1450:400c:c00::9a
2a03:2880:f083:9:face:b00c:0:3
52.95.144.39
63.32.161.232
09574e73ca56fb461f37f18fbe6c2ad790b68a8cf24c9044c00512612965e7ee
19b513bba6e81b85fe60cc3bce36f758658dc0a0f6077301ac667419ae95ec6b
1b61eed53f5e2abc502be5b223a3bfe0fb49ca4f1e8e3317bfcd5938ba37fdaa
301bc47a155f62b7052563d890504a13169ad13e7e012bc988c88f01386daf66
5d35d611d14de6085d01101cf1ed9c9a263479ff0475637dddbb6a069b76eb48
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7e20aa9a5e7a698f4e4655b184213e0282304471824f597ad6b891a90077260d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a0a2447fa500050455d41fbb8d15c0d0bffa1873e30532292109301339fc6efc
bbc5f7194705de6f31ffbbe63524652ffc8bbd336d3e344da15cd547af9a59d4
cbbf64f1937df8d0b0f84bff1d4c238e39e4b5a41ac0bd1d94af49330b1cf074
dd0c85f1deb2840cc96ff14c9e30908f2db63c419f5eb600d07d4eacdb531c91
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855