substack.pseudosafe.com Open in urlscan Pro
104.18.20.132  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response substack.pseudosafe.com/	34 KB 11 KB	585ms 549ms	Document text/html	104.18.20.132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 2fbc2d7d581184b2a531ca9abc7473e4af4728d7d20b16893a413d7b0723e43b Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Frame-Options sameorigin Request headers :method GET :authority substack.pseudosafe.com :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Sat, 23 Oct 2021 00:38:58 GMT content-type text/html; charset=utf-8 cf-ray 6a26e7d72dad4137-PRG cache-control no-cache etag W/"87a7-+CR3OcGXs7EMfSRZ9MhYOn3mBNk" strict-transport-security max-age=31536000 vary Accept-Encoding via 1.1 vegur cf-cache-status MISS expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-cluster substack x-frame-options sameorigin x-powered-by Express x-served-by Substack server cloudflare content-encoding gzip
GET H2	200	main.css cdn.substack.com/theme/	371 KB 48 KB	63ms 14ms	Stylesheet text/css	18.66.248.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.substack.com/theme/main.css?v=c1932978f31e8142e43bbe22bd314c01 Requested by Host: substack.pseudosafe.com URL: https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Express Resource Hash 7f3930bad52d8fe936c0f3eea6a3e969822a807c6e7ce0c1c34d6010574880ac Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-cluster substack etag W/"5cc30-SrDUarP4TOIy+NSUCeEz6IAJn5s" age 18349 x-powered-by Express x-cache Hit from cloudfront content-encoding gzip x-served-by Substack server Cowboy date Fri, 22 Oct 2021 19:33:10 GMT vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 vegur, 1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront) cache-control public, max-age=31557600 x-amz-cf-pop DUS51-P1 x-amz-cf-id HfRzQwnV7B6AIGfMXX3W3jIFhi5pGZgHPHSm3kjhWlr2Ve0zcA5CEg==
GET H2	200	c41771aeccbb43fbbffbc4755e65c9be.min.js Show response js.sentry-cdn.com/	2 KB 1 KB	27ms 7ms	Script text/javascript	151.101.66.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js Requested by Host: substack.pseudosafe.com URL: https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5065d4b9912e57995203288884153db478f535a1d6134d882aadc1ace4437813 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://substack.pseudosafe.com/ Origin https://substack.pseudosafe.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:38:59 GMT content-encoding gzip x-content-type-options nosniff age 33 x-envoy-upstream-service-time 10 vary Accept-Encoding content-length 1018 x-xss-protection 1; mode=block x-served-by getsentry-web-default-production-5d44b7959d-c5pqx, cache-ord1738-ORD, cache-hhn4075-HHN x-frame-options deny strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-envoy-attempt-count 1 accept-ranges bytes
GET H2	200	main.bundle.js Show response cdn.substack.com/min/	1 MB 328 KB	63ms 14ms	Script application/javascript	18.66.248.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.substack.com/min/main.bundle.js?v=109965-17ca9754f50 Requested by Host: substack.pseudosafe.com URL: https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Express Resource Hash 97939c28fe17ef633ccc00d04c4820c7036035c5d1f0420ac9242752dc2d9f20 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-cluster substack etag W/"109965-17ca9754f50" age 18349 x-powered-by Express x-cache Hit from cloudfront content-encoding gzip x-served-by Substack last-modified Fri, 22 Oct 2021 19:23:30 GMT server Cowboy date Fri, 22 Oct 2021 19:33:10 GMT vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 vegur, 1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront) cache-control public, max-age=31536000000 x-amz-cf-pop DUS51-P1 x-amz-cf-id fN016Zdwupf-uhUQYOcuTwrujgo4N6Q3GTI8BDq_BfmS7zATnKEYWg==
GET		channel-frame substack.com/ Frame F256	0 0
GET H2	200	channel-frame Show response substack.com/ Frame 053F	20 KB 4 KB	528ms 528ms	Document text/html	104.18.0.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://substack.com/channel-frame Requested by Host: cdn.substack.com URL: https://cdn.substack.com/min/main.bundle.js?v=109965-17ca9754f50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.0.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 74c754e332374f8f39738ef5b2137435fc888339f4f877e3ba65e45a12d9ce1f Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :method GET :authority substack.com :scheme https :path /channel-frame pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 accept-language de-DE,de;q=0.9 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://substack.pseudosafe.com/ accept-encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ Response headers date Sat, 23 Oct 2021 00:38:59 GMT content-type text/html; charset=utf-8 cf-ray 6a26e7dc2a954132-PRG cache-control no-cache etag W/"503f-3l4rpJD1mIgspkLNzKTSY8Y95IA" set-cookie ajs_anonymous_id=%222f6d001b-55a5-4771-ae3e-5c3e1485c445%22; Max-Age=31536000; Domain=substack.com; Path=/; Expires=Sun, 23 Oct 2022 00:38:59 GMT; SameSite=Strict visit_id=%7B%22id%22%3A%22d3bd373e-6918-45c4-bbcd-f1f871618ee6%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.578Z%22%7D; Max-Age=1800; Domain=substack.com; Path=/; Expires=Sat, 23 Oct 2021 01:08:59 GMT; HttpOnly; SameSite=Strict strict-transport-security max-age=31536000 via 1.1 vegur cf-cache-status DYNAMIC expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" x-cluster substack x-powered-by Express x-served-by Substack vary Accept-Encoding server cloudflare content-encoding gzip alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
GET H2	200	firehose substack.pseudosafe.com/api/v1/	35 B 442 B	411ms 411ms	Image image/gif	104.18.20.132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.pseudosafe.com/api/v1/firehose?_=1634949539150&d=eyJldmVudCI6InBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoianppc2xxYzJ6dXEifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6InBzZXVkb3NhZmUgfCBKYXkgVGF5bG9yIHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL3N1YnN0YWNrLnBzZXVkb3NhZmUuY29tLyJ9fX0%3D Requested by Host: substack.pseudosafe.com URL: https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :path /api/v1/firehose?_=1634949539150&d=eyJldmVudCI6InBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoianppc2xxYzJ6dXEifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsInBhZ2UiOnsicmVmZXJyZXIiOiIiLCJ0aXRsZSI6InBzZXVkb3NhZmUgfCBKYXkgVGF5bG9yIHwgU3Vic3RhY2siLCJ1cmwiOiJodHRwczovL3N1YnN0YWNrLnBzZXVkb3NhZmUuY29tLyJ9fX0%3D pragma no-cache cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority substack.pseudosafe.com referer https://substack.pseudosafe.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:38:59 GMT via 1.1 vegur cf-cache-status DYNAMIC x-cluster substack server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif set-cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22; Max-Age=31536000; Domain=substack.pseudosafe.com; Path=/; Expires=Sun, 23 Oct 2022 00:38:59 GMT; SameSite=Strict visit_id=%7B%22id%22%3A%22ec53fb0b-2679-4055-839a-7012ab6e330e%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.577Z%22%7D; Max-Age=1800; Domain=substack.pseudosafe.com; Path=/; Expires=Sat, 23 Oct 2021 01:08:59 GMT; HttpOnly; SameSite=Strict cache-control no-cache strict-transport-security max-age=31536000 cf-ray 6a26e7dc28a64137-PRG content-length 35 x-served-by Substack
GET H2	200	posts Show response substack.pseudosafe.com/api/v1/	2 B 295 B	428ms 428ms	XHR application/json	104.18.20.132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://substack.pseudosafe.com/api/v1/posts?limit=5&offset=0 Requested by Host: cdn.substack.com URL: https://cdn.substack.com/min/main.bundle.js?v=109965-17ca9754f50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :path /api/v1/posts?limit=5&offset=0 pragma no-cache cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22 accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest empty :authority substack.pseudosafe.com referer https://substack.pseudosafe.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:38:59 GMT via 1.1 vegur vary Accept-Encoding cf-cache-status DYNAMIC x-powered-by Express content-length 2 x-served-by Substack x-cluster substack server cloudflare etag W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 cache-control no-cache set-cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22; Max-Age=31536000; Domain=substack.pseudosafe.com; Path=/; Expires=Sun, 23 Oct 2022 00:38:59 GMT; SameSite=Strict visit_id=%7B%22id%22%3A%2231629760-9eab-4313-8eb0-200710471f62%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.589Z%22%7D; Max-Age=1800; Domain=substack.pseudosafe.com; Path=/; Expires=Sat, 23 Oct 2021 01:08:59 GMT; HttpOnly; SameSite=Strict cf-ray 6a26e7dc38a84137-PRG
GET H2	200	substack.css cdn.substack.com/theme/ Frame 053F	483 KB 63 KB	13ms 13ms	Stylesheet text/css	18.66.248.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.substack.com/theme/substack.css?v=9228ef793dc6ead448ab4ac117661f52 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Express Resource Hash 206ef8bc1ba238b51a7ed2e6bc25a94020d12a80de3de47e0b716152302a9855 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-cluster substack etag W/"78c88-Xe1sutO0A26F3IxCCbB3ftp7NC0" age 18346 x-powered-by Express x-cache Hit from cloudfront content-encoding gzip x-served-by Substack server Cowboy date Fri, 22 Oct 2021 19:33:13 GMT vary Accept-Encoding content-type text/css; charset=utf-8 via 1.1 vegur, 1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront) cache-control public, max-age=31557600 x-amz-cf-pop DUS51-P1 x-amz-cf-id lg8bUKr0Ukj9XhHe5WMaaYeTzvo-7T3RTWo7s_p_x5zhxV2QF7j8Hg==
GET H2	200	c41771aeccbb43fbbffbc4755e65c9be.min.js Show response js.sentry-cdn.com/ Frame 053F	2 KB 1 KB	6ms 6ms	Script text/javascript	151.101.66.217 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.sentry-cdn.com/c41771aeccbb43fbbffbc4755e65c9be.min.js Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 151.101.66.217 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash 5065d4b9912e57995203288884153db478f535a1d6134d882aadc1ace4437813 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options deny X-Xss-Protection 1; mode=block Request headers Referer https://substack.com/ Origin https://substack.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:38:59 GMT content-encoding gzip x-content-type-options nosniff age 34 x-envoy-upstream-service-time 10 vary Accept-Encoding content-length 1018 x-xss-protection 1; mode=block x-served-by getsentry-web-default-production-5d44b7959d-c5pqx, cache-ord1738-ORD, cache-hhn4075-HHN x-frame-options deny strict-transport-security max-age=31536000; includeSubDomains content-type text/javascript access-control-allow-origin * cache-control public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000 x-envoy-attempt-count 1 accept-ranges bytes
GET H2	200	substack.bundle.js Show response cdn.substack.com/min/ Frame 053F	1 MB 367 KB	13ms 13ms	Script application/javascript	18.66.248.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.substack.com/min/substack.bundle.js?v=1348c4-17ca9754f50 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Cowboy / Express Resource Hash 1667f38d5ca580cabdbb9357af192ba1eef83dc7a013c47ab25eeb84733e15af Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers strict-transport-security max-age=31536000 x-cluster substack etag W/"1348c4-17ca9754f50" age 18346 x-powered-by Express x-cache Hit from cloudfront content-encoding gzip x-served-by Substack last-modified Fri, 22 Oct 2021 19:23:30 GMT server Cowboy date Fri, 22 Oct 2021 19:33:13 GMT vary Accept-Encoding content-type application/javascript; charset=UTF-8 via 1.1 vegur, 1.1 5297df6326448099cefed6e96fd7b00b.cloudfront.net (CloudFront) cache-control public, max-age=31536000000 x-amz-cf-pop DUS51-P1 x-amz-cf-id _jTKZCuC4WjkJDfyj1W4wqpHW8Ynt495oZvTZPv_18qOSt8yR2EOhw==
GET H2	200	firehose substack.com/api/v1/ Frame 053F	35 B 385 B	417ms 417ms	Image image/gif	104.18.0.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.com/api/v1/firehose?_=1634949539847&d=eyJldmVudCI6InBhZ2VzIiwicHJvcGVydGllcyI6eyJicm93c2VyU2Vzc2lvbklkIjoicTkyNDI5bWw0eWMifSwiY29udGV4dCI6eyJjbGllbnRfdHlwZSI6IndlYiIsInBhZ2UiOnsicmVmZXJyZXIiOiJodHRwczovL3N1YnN0YWNrLnBzZXVkb3NhZmUuY29tLyIsInRpdGxlIjoiU3Vic3RhY2sgLSBTdGFydCBhIHBhaWQgbmV3c2xldHRlciIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2suY29tL2NoYW5uZWwtZnJhbWUifX19 Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.0.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.com/channel-frame User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:39:00 GMT via 1.1 vegur cf-cache-status DYNAMIC x-cluster substack server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control no-cache strict-transport-security max-age=31536000 cf-ray 6a26e7e06d054132-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 35 x-served-by Substack
GET H2	200	firehose substack.com/api/v1/ Frame 053F	35 B 419 B	414ms 414ms	Image image/gif	104.18.0.201 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.com/api/v1/firehose?_=1634949539892&d=eyJldmVudCI6IkZyYW1lIG1lc3NhZ2Ugc2VudCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6InE5MjQyOW1sNHljIn0sImNvbnRleHQiOnsiY2xpZW50X3R5cGUiOiJ3ZWIiLCJwYWdlIjp7InJlZmVycmVyIjoiaHR0cHM6Ly9zdWJzdGFjay5wc2V1ZG9zYWZlLmNvbS8iLCJ0aXRsZSI6IlN1YnN0YWNrIC0gU3RhcnQgYSBwYWlkIG5ld3NsZXR0ZXIiLCJ1cmwiOiJodHRwczovL3N1YnN0YWNrLmNvbS9jaGFubmVsLWZyYW1lIn19fQ%3D%3D Requested by Host: substack.com URL: https://substack.com/channel-frame Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.0.201 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.com/channel-frame User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:39:00 GMT via 1.1 vegur cf-cache-status DYNAMIC x-cluster substack server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif cache-control no-cache strict-transport-security max-age=31536000 cf-ray 6a26e7e06d064132-PRG alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400 content-length 35 x-served-by Substack
GET H2	200	firehose substack.pseudosafe.com/api/v1/	35 B 423 B	433ms 433ms	Image image/gif	104.18.20.132 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://substack.pseudosafe.com/api/v1/firehose?_=1634949539912&d=eyJldmVudCI6IkZyYW1lIG1lc3NhZ2UgaGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6Imp6aXNscWMyenVxIiwibG9nZ2VkSW5BdFN1YnN0YWNrIjpmYWxzZSwibG9nZ2VkSW5BdEN1c3RvbURvbWFpbiI6ZmFsc2UsImF0dGVtcHRSZWRpcmVjdCI6ZmFsc2V9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoicHNldWRvc2FmZSB8IEpheSBUYXlsb3IgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2sucHNldWRvc2FmZS5jb20vIn19fQ%3D%3D Requested by Host: substack.pseudosafe.com URL: https://substack.pseudosafe.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.20.132 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers :path /api/v1/firehose?_=1634949539912&d=eyJldmVudCI6IkZyYW1lIG1lc3NhZ2UgaGFuZGxlZCIsInByb3BlcnRpZXMiOnsiYnJvd3NlclNlc3Npb25JZCI6Imp6aXNscWMyenVxIiwibG9nZ2VkSW5BdFN1YnN0YWNrIjpmYWxzZSwibG9nZ2VkSW5BdEN1c3RvbURvbWFpbiI6ZmFsc2UsImF0dGVtcHRSZWRpcmVjdCI6ZmFsc2V9LCJjb250ZXh0Ijp7ImNsaWVudF90eXBlIjoid2ViIiwicGFnZSI6eyJyZWZlcnJlciI6IiIsInRpdGxlIjoicHNldWRvc2FmZSB8IEpheSBUYXlsb3IgfCBTdWJzdGFjayIsInVybCI6Imh0dHBzOi8vc3Vic3RhY2sucHNldWRvc2FmZS5jb20vIn19fQ%3D%3D pragma no-cache cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22; ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22; visit_id=%7B%22id%22%3A%2231629760-9eab-4313-8eb0-200710471f62%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.589Z%22%7D accept-encoding gzip, deflate, br accept-language de-DE,de;q=0.9 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority substack.pseudosafe.com referer https://substack.pseudosafe.com/ :scheme https sec-fetch-site same-origin :method GET Accept-Language de-DE,de;q=0.9 Referer https://substack.pseudosafe.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:39:00 GMT via 1.1 vegur cf-cache-status DYNAMIC x-cluster substack server cloudflare x-powered-by Express expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type image/gif set-cookie ajs_anonymous_id=%220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22; Max-Age=31536000; Domain=substack.pseudosafe.com; Path=/; Expires=Sun, 23 Oct 2022 00:39:00 GMT; SameSite=Strict visit_id=%7B%22id%22%3A%2231629760-9eab-4313-8eb0-200710471f62%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.589Z%22%7D; Max-Age=1800; Domain=substack.pseudosafe.com; Path=/; Expires=Sat, 23 Oct 2021 01:09:00 GMT; HttpOnly; SameSite=Strict cache-control no-cache strict-transport-security max-age=31536000 cf-ray 6a26e7e08af94137-PRG content-length 35 x-served-by Substack
GET H2	200	js Show response www.googletagmanager.com/gtag/ Frame 053F	124 KB 49 KB	45ms 23ms	Script application/javascript	142.250.185.232 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-TLW0DF6G5V&l=localGaDataLayer Requested by Host: cdn.substack.com URL: https://cdn.substack.com/min/substack.bundle.js?v=1348c4-17ca9754f50 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.232 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f8.1e100.net Software Google Tag Manager / Resource Hash 880a863be82c77f788e13d901a104109b7cecc0d97a42b9eca92cf5b29dec7f9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Accept-Language de-DE,de;q=0.9 Referer https://substack.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36 Response headers date Sat, 23 Oct 2021 00:39:00 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000 content-length 49402 x-xss-protection 0 expires Sat, 23 Oct 2021 00:39:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

substack.com

URL

https://substack.com/channel-frame

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforexrselect boolean| originAgentCluster function| balanceText object| Sentry object| _preloads object| _analyticsConfig object| IntlPolyfill function| setImmediate function| clearImmediate object| regeneratorRuntime function| _ function| I function| __captchaOnloadCallback

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			substack.pseudosafe.com/	1970-01-20 06:54:45	Name: ajs_anonymous_id Value: %220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22
			.substack.pseudosafe.com/	1970-01-20 06:54:45	Name: ajs_anonymous_id Value: %220d91d35d-7c5b-4f1b-9a19-6d37ad84f600%22
			.substack.pseudosafe.com/	1970-01-19 22:09:11	Name: visit_id Value: %7B%22id%22%3A%2231629760-9eab-4313-8eb0-200710471f62%22%2C%22timestamp%22%3A%222021-10-23T00%3A38%3A59.589Z%22%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.substack.com
js.sentry-cdn.com
substack.com
substack.pseudosafe.com
www.googletagmanager.com
substack.com
104.18.0.201
104.18.20.132
142.250.185.232
151.101.66.217
18.66.248.15
1667f38d5ca580cabdbb9357af192ba1eef83dc7a013c47ab25eeb84733e15af
206ef8bc1ba238b51a7ed2e6bc25a94020d12a80de3de47e0b716152302a9855
2fbc2d7d581184b2a531ca9abc7473e4af4728d7d20b16893a413d7b0723e43b
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5065d4b9912e57995203288884153db478f535a1d6134d882aadc1ace4437813
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
74c754e332374f8f39738ef5b2137435fc888339f4f877e3ba65e45a12d9ce1f
7f3930bad52d8fe936c0f3eea6a3e969822a807c6e7ce0c1c34d6010574880ac
880a863be82c77f788e13d901a104109b7cecc0d97a42b9eca92cf5b29dec7f9
97939c28fe17ef633ccc00d04c4820c7036035c5d1f0420ac9242752dc2d9f20