Submitted URL: https://account.lifeway.com/
Effective URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.c...
Submission: On April 18 via api from US — Scanned from DE

Summary

This website contacted 14 IPs in 3 countries across 11 domains to perform 56 HTTP transactions. The main IP is 143.204.98.5, located in United States and belongs to AMAZON-02, US. The main domain is account.lifeway.com. The Cisco Umbrella rank of the primary domain is 302861.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 12th 2023. Valid for: a year.
This is the only time account.lifeway.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 143.204.98.5 16509 (AMAZON-02)
13 18.66.147.24 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2600:9000:249... 16509 (AMAZON-02)
2 35.201.112.186 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 68.70.204.1 44239 (PROINITY ...)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
6 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 1 13.32.121.41 16509 (AMAZON-02)
7 18.244.18.114 16509 (AMAZON-02)
1 142.250.181.228 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
56 14
Apex Domain
Subdomains
Transfer
28 lifeway.com
account.lifeway.com — Cisco Umbrella Rank: 302861
my.lifeway.com
3 MB
8 awswaf.com
f26495e0b95f.us-east-1.sdk.awswaf.com
f26495e0b95f.3421646e.us-east-1.token.awswaf.com — Cisco Umbrella Rank: 793156
293 KB
6 scene7.com
s7d9.scene7.com — Cisco Umbrella Rank: 17556
34 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 463
168 KB
2 bbb.org
seal-nashville.bbb.org — Cisco Umbrella Rank: 279650
7 KB
2 gstatic.com
fonts.gstatic.com
www.gstatic.com
219 KB
2 fullstory.com
edge.fullstory.com — Cisco Umbrella Rank: 2169
rs.fullstory.com Failed
79 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
880 B
1 clicktale.net
cdnssl.clicktale.net — Cisco Umbrella Rank: 6141
477 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 744
25 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 33
1 KB
56 11
Domain Requested by
15 account.lifeway.com 1 redirects my.lifeway.com
account.lifeway.com
13 my.lifeway.com my.lifeway.com
7 f26495e0b95f.3421646e.us-east-1.token.awswaf.com account.lifeway.com
f26495e0b95f.us-east-1.sdk.awswaf.com
6 s7d9.scene7.com my.lifeway.com
4 use.typekit.net my.lifeway.com
2 seal-nashville.bbb.org my.lifeway.com
2 edge.fullstory.com my.lifeway.com
edge.fullstory.com
1 www.gstatic.com www.google.com
1 www.google.com account.lifeway.com
1 f26495e0b95f.us-east-1.sdk.awswaf.com 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 cdnssl.clicktale.net my.lifeway.com
1 unpkg.com my.lifeway.com
1 fonts.googleapis.com my.lifeway.com
0 rs.fullstory.com Failed edge.fullstory.com
56 15

This site contains links to these domains. Also see Links.

Domain
support.lifeway.com
www.lifeway.com
Subject Issuer Validity Valid
*.lifeway.com
Amazon RSA 2048 M01
2023-07-18 -
2024-08-16
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
unpkg.com
GTS CA 1P5
2024-04-01 -
2024-06-30
3 months crt.sh
ct-tag.clicktale.net
Amazon RSA 2048 M02
2024-03-27 -
2025-04-26
a year crt.sh
edge.fullstory.com
GTS CA 1D4
2024-03-07 -
2024-06-05
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.bbb.org
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-04-26 -
2024-04-25
a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-02-01 -
2025-03-03
a year crt.sh
*.scene7.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-11 -
2024-11-13
a year crt.sh
*.google.com
GTS CA 1C3
2024-03-18 -
2024-06-10
3 months crt.sh
*.3421646e.us-east-1.token.awswaf.com
Amazon RSA 2048 M01
2023-06-05 -
2024-07-03
a year crt.sh

This page contains 2 frames:

Primary Page: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Frame ID: 7CFBF8BDB4714538080A95C2D9936415
Requests: 56 HTTP requests in this frame

Frame: https://my.lifeway.com/oauth2/silent.html?error=login_required&state=17c4e823288d4f8f91fbd88a1a846d33&session_state=A0130C741D9B3BD3B58245F50BCC03DA7D1F8B8F9F6CEEF887DB2D97A38D9E16.68290DFEAC04B7CBE4E40E1ABB4BC5D4D4F48C2DA453CD318AE93013907F71CA
Frame ID: C8224F4DE0E5B653BB2A6F8FD65CD725
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Log In

Page URL History Show full URLs

  1. https://account.lifeway.com/ HTTP 303
    https://my.lifeway.com/ Page URL
  2. https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

56
Requests

95 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

14
IPs

3
Countries

3615 kB
Transfer

12756 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://account.lifeway.com/ HTTP 303
    https://my.lifeway.com/ Page URL
  2. https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://account.lifeway.com/ HTTP 303
  • https://my.lifeway.com/
Request Chain 34
  • https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2%2Fsilent.html&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=17c4e823288d4f8f91fbd88a1a846d33&code_challenge=1QQV-CVChd5_C3ZxTC-MlqjkmlWVEywq-N9qMB9tkvc&code_challenge_method=S256&prompt=none HTTP 302
  • https://my.lifeway.com/oauth2/silent.html?error=login_required&state=17c4e823288d4f8f91fbd88a1a846d33&session_state=A0130C741D9B3BD3B58245F50BCC03DA7D1F8B8F9F6CEEF887DB2D97A38D9E16.68290DFEAC04B7CBE4E40E1ABB4BC5D4D4F48C2DA453CD318AE93013907F71CA
Request Chain 40
  • https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js HTTP 307
  • https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
my.lifeway.com/
Redirect Chain
  • https://account.lifeway.com/
  • https://my.lifeway.com/
4 KB
4 KB
Document
General
Full URL
https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5bf427f754425e89a242f2036bbb08a182a5cbf3bf76ffee622e427a5c47246
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Accept-Ranges
bytes
Age
276
Cache-Control
public, max-age=0, s-maxage=300
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1647
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Content-Type
text/html
Date
Thu, 18 Apr 2024 18:04:23 GMT
ETag
"d2b4ad9f20e4be0b04c5a9b3d5aafc4b"
Last-Modified
Wed, 17 Apr 2024 20:26:37 GMT
Referrer-Policy
same-origin
Server
AmazonS3
Strict-Transport-Security
max-age=31536000
Via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
X-Amz-Cf-Id
dC3vi44bE4GpaVPWgNyrxlBR_czFGQqL9U53Fiomv2hYD1qYblS12A==
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Hit from cloudfront
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
X-XSS-Protection
1; mode=block
totalPages
same-origin
x-amz-server-side-encryption
AES256

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
date
Thu, 18 Apr 2024 18:05:16 GMT
expires
0
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
location
https://my.lifeway.com
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security
max-age=10886400; includeSubDomains
vary
Origin
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id
XV179Bo9Kvb0coivlFDnB5JDNLXbn_4s0M3WPFZiG1v4qZR0-_lDKA==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
config.js
my.lifeway.com/
3 KB
5 KB
Script
General
Full URL
https://my.lifeway.com/config.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Date
Thu, 18 Apr 2024 18:05:17 GMT
Via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA60-P4
x-amz-server-side-encryption
AES256
X-Cache
RefreshHit from cloudfront
Connection
keep-alive
Content-Length
3317
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Thu, 04 Apr 2024 16:04:53 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"4e4a9492498d5c063f148ec2140ca9fc"
X-Frame-Options
SAMEORIGIN
Content-Type
application/javascript
Cache-Control
public, max-age=0, s-maxage=300
Accept-Ranges
bytes
X-Amz-Cf-Id
Tdzk_AsSoIjYtRfJq8BrBEfgJRorJaWrN36VQPbE-nTwt6BLfqOsMw==
css
fonts.googleapis.com/
9 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
791a9c06cacdae293ed08ca424f8ce695f1148de035dec42d57fe89eed8ae427
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Thu, 18 Apr 2024 18:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 18 Apr 2024 18:05:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 18 Apr 2024 18:05:16 GMT
head.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
293 B
2 KB
Script
General
Full URL
https://my.lifeway.com/js/head.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
755841b723c7713a9fd87645cccd4d0d277d1bf94d961338d0d29693824285de
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:57 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
252
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:23:59 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"921e1b84c29e0b075f75bfbb7262a8c5"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
BmNtVzm965rYutW2UitY8IxGinxO3Azwpo-CAJMIHHSNkzQZ3mnDgQ==
jquery.slim.min.js
unpkg.com/jquery@3.6.0/dist/
71 KB
25 KB
Script
General
Full URL
https://unpkg.com/jquery@3.6.0/dist/jquery.slim.min.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
3100281
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01HRWSFKYDNRJ3PMB9CWPQN5CV-fra
server
cloudflare
etag
W/"11ab4-0cZwTpTv4tRl/BYbY4HhJ9NazYE"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
87669500effa9bec-FRA
189.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
28 KB
13 KB
Script
General
Full URL
https://my.lifeway.com/js/189.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
74b2db2d97a867a49e94ce578b7ec375d4ccc504ff3bd8ecf2c24e484f60fb5c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
11496
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:24:29 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"618ff71fdd017d1793a634e6d2ca80bf"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
a0LFfp065DaaDa05zEUNB6SyY1iSaQf9fyRR8Ow3m9fbb0GVGRlW2g==
4266.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
177 KB
56 KB
Script
General
Full URL
https://my.lifeway.com/js/4266.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3deabc1a1719406dcc0dbfa041dcf96be96a6e9e694b27dad8139115440c92fd
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
54644
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:25:43 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"7618f934d63fd4a32551b92ea9008b87"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
LfsR42QMsjEbKp_iinERdQKg1EzO5PiFPukDrDCEVEE-6iLoPDlcbA==
vendors.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
9 KB
6 KB
Script
General
Full URL
https://my.lifeway.com/js/vendors.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
83cdf924b67da2913e96ee22363b0fb4945547cf124fd78be0eb63890e38cc4d
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
3883
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:23:59 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"dff33f75175098cd94a33c83072c4ccb"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
Ys9YxKfshdIfbv0xwdxIlfq2JwU1-UgIS5eN2yscDEYOgmbLiqZeRg==
5139.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
8 MB
2 MB
Script
General
Full URL
https://my.lifeway.com/js/5139.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f718bdccb174bf53c88e195d1b7a32c3819efb6eb40086f563871ab19e113fb6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2043051
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:26:00 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"9b57658da56a3e44a0539e33198b3bde"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
VuSUD2KSAn89Ze4_9Yv7yGM0O1eRR_55L_q2cvkcDPfMAhPZNg3Jww==
app.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
686 KB
143 KB
Script
General
Full URL
https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f552f59ab522789b32e049bca38be897f3ef4a841451ec24fd048c39a465c3d6
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
144592
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:25:54 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"7425257daa3ac8f2ac6d3513c0972076"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
beGtAN_ZWkRjc5X4THUkEBOu_kzbJwHbiWFwH-KKmteno8a9E5ZgMw==
oidc-silent.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
95 KB
29 KB
Script
General
Full URL
https://my.lifeway.com/js/oidc-silent.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e8f2c62ccd6c4aeb07e16fab0f8fea2a74f69e01b193c0a0d32e0b7fa5cdb26c
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:31:58 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77599
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
27552
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:25:22 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"bd09e4edd7f5b51c2df40472d6f7a39e"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
0iw9S0tLTwhRISzMajVQw1myP-qJiU3vTfRvtEHeNR-LFl8cF5XYlw==
9c5fc958-37f8-458b-a100-6d81f98583c9.js
cdnssl.clicktale.net/www06/ptc/
0
477 B
Script
General
Full URL
https://cdnssl.clicktale.net/www06/ptc/9c5fc958-37f8-458b-a100-6d81f98583c9.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:fa00:c:7c62:1240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 17 Apr 2024 11:33:45 GMT
content-encoding
br
via
1.1 b26b931354407da013ac53d2c1c55034.cloudfront.net (CloudFront)
x-amz-version-id
grKSMIHvNDzYJUqlvUlSlz6eBPNZq66t
x-amz-cf-pop
FRA56-P6
age
0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1
last-modified
Thu, 04 Apr 2024 14:01:10 GMT
server
AmazonS3
etag
"9eecb7db59d16c80417c72d1e1f4fbf1"
vary
Origin
content-type
application/javascript;charset=utf-8
cache-control
max-age=900
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
ZuYcoVw82Flx-uc8lgDTbsfjyFxpkaGJDjDNz3Bit80rvoK87LkyEA==
fs.js
edge.fullstory.com/s/
263 KB
72 KB
Script
General
Full URL
https://edge.fullstory.com/s/fs.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 17:24:48 GMT
content-encoding
br
age
2428
x-guploader-uploadid
ABPtcPpNn8_mXuWQZFYVm_UKTYK8KfvOpRBXAs4pFDkSJ3I4bmOHU1eoc5yD_6Rr92geXCGZ3tGQ6m72HA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
br
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73052
last-modified
Mon, 15 Apr 2024 13:22:46 GMT
server
UploadServer
etag
"380d8a7f0c6efde29aadfbaeffde8d5a"
vary
Accept-Encoding
x-goog-generation
1713187366176458
x-goog-hash
crc32c=VjwVaQ==, md5=OA2Kfwxu/eKarfuu/96NWg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600,no-transform
x-goog-stored-content-length
73052
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 18 Apr 2024 18:24:48 GMT
servertime
account.lifeway.com/oauth2/
23 B
980 B
XHR
General
Full URL
https://account.lifeway.com/oauth2/servertime
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/5139.89a50866d56ec20c0c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=10886400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
content-length
49
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
oNWkc1sBBdE8bhyBhIksjdJ2L6JAqWjfvUb5LZqFfGYo5ifc9FkUwg==
expires
0
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,600,600i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.googleapis.com/
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 13 Apr 2024 10:42:02 GMT
x-content-type-options
nosniff
age
458594
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Apr 2025 10:42:02 GMT
6090.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
5 KB
4 KB
Script
General
Full URL
https://my.lifeway.com/js/6090.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:32:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77582
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
2026
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:24:22 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"6296ed5e8b56d3522af35f38c172b194"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
0rP0Nh6Z2Jjox83dHkgslluClssCU6zZ1t8SZTrs47kbP0W83yhH8Q==
6521.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
30 KB
12 KB
Script
General
Full URL
https://my.lifeway.com/js/6521.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:32:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 7efdfc8e9ebc26758933b0151e22707e.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77582
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
9618
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:24:25 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"1ec498dcade378829d28991d0b66819a"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
MqjCdCFSCf6mz7UiSAWU2asQlpFBqdaSkTGHrraLk92_wPLAQRQnsA==
217.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
12 KB
7 KB
Script
General
Full URL
https://my.lifeway.com/js/217.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:32:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77582
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
4654
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:24:20 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"d90639525f6d0a34dde9d0d9dd764c69"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
0DtZ07LW0YE4XLocRJaXKCk2_tzt8XrBstiwenuq5qyS9uNiYXjOSw==
1896.89a50866d56ec20c0c6f.js
my.lifeway.com/js/
22 KB
9 KB
Script
General
Full URL
https://my.lifeway.com/js/1896.89a50866d56ec20c0c6f.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-24.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 17 Apr 2024 20:32:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Security-Policy
default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
Strict-Transport-Security
max-age=31536000
X-Amz-Cf-Pop
FRA60-P4
Age
77582
x-amz-server-side-encryption
AES256
X-Cache
Hit from cloudfront
Connection
keep-alive
Content-Length
6933
X-XSS-Protection
1; mode=block
Referrer-Policy
same-origin
Last-Modified
Wed, 17 Apr 2024 20:24:13 GMT
Server
AmazonS3
totalPages
same-origin
ETag
"46b136ffc0bed2c9b8bbea33dd2710b9"
X-Frame-Options
SAMEORIGIN
Content-Type
text/javascript
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
X-Amz-Cf-Id
Epsj6XT_aDvfcQE46yI18VaF_hd7O4m3L9g0C3GZoDxRBvfi9Hg_Vg==
lifeway-christian-resources-11175.js
seal-nashville.bbb.org/logo/
1 KB
1 KB
Script
General
Full URL
https://seal-nashville.bbb.org/logo/lifeway-christian-resources-11175.js
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/app.89a50866d56ec20c0c6f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
content-encoding
gzip
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-length
704
last-modified
Fri, 12 Apr 2024 17:46:56 GMT
server
keycdn
etag
"fde7a66918dda1:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
expires
Thu, 18 Apr 2024 22:05:16 GMT
truncated
/
173 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
lifeway-christian-resources-11175.png
seal-nashville.bbb.org/logo/rbhzbus/
6 KB
6 KB
Image
General
Full URL
https://seal-nashville.bbb.org/logo/rbhzbus/lifeway-christian-resources-11175.png
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
68.70.204.1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn / ASP.NET
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 18 Apr 2024 09:02:15 GMT
server
keycdn
x-aspnet-version
4.0.30319
x-edge-location
defr
x-powered-by
ASP.NET
x-cache
HIT
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=14400
accept-ranges
bytes
x-robots-tag
noindex
x-shield
active
content-length
6267
expires
Thu, 18 Apr 2024 22:05:16 GMT
openid-configuration
account.lifeway.com/.well-known/
1 KB
1 KB
Fetch
General
Full URL
https://account.lifeway.com/.well-known/openid-configuration
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/jwk-set+json, application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=10886400; includeSubDomains
x-amz-cf-pop
FRA50-C1
age
10
x-cache
Hit from cloudfront
content-length
480
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300, s-maxage=300
x-amz-cf-id
n42Lh8IyTmZmAVCXHvAu1BnS9TJL5JgrBxJBVvCiz_IEe6eJolu1sQ==
openid-configuration
account.lifeway.com/.well-known/
1 KB
0
Fetch
General
Full URL
https://account.lifeway.com/.well-known/openid-configuration
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/jwk-set+json, application/json
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
x-amz-cf-pop
FRA50-C1
age
10
x-cache
Hit from cloudfront
content-length
480
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300, s-maxage=300
x-amz-cf-id
n42Lh8IyTmZmAVCXHvAu1BnS9TJL5JgrBxJBVvCiz_IEe6eJolu1sQ==
l
use.typekit.net/af/a9c452/000000000000000077359d9c/30/
27 KB
28 KB
Font
General
Full URL
https://use.typekit.net/af/a9c452/000000000000000077359d9c/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
server
nginx
etag
"d591c683c7e1ab7a1e6bce0a1071211fbb6fcf4b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
28036
l
use.typekit.net/af/5e6988/00000000000000007735a163/30/
46 KB
46 KB
Font
General
Full URL
https://use.typekit.net/af/5e6988/00000000000000007735a163/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
server
nginx
etag
"6c7f6faf833b2ec0ec96352fe0a408d237d7154e"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47152
serving-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
30 KB
30 KB
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/serving-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/serving-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:21 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf84f
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"e9a6a58d92e46337f66fdfa2e145dad5"
x-adobe-assetlist
QlpoOTFBWSZTWfMwuQwAAAMXgAACiAQQiivhnyAgACKE0yfqnkJ+oj9UKADEaaaNH0gcPM33Mg+Utn3JTb+DOlqClXmwH4u5IpwoSHmYXIYA
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
30234
expires
Thu, 18 Apr 2024 22:37:52 GMT
1-treasure-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
483 B
934 B
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/1-treasure-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/1-treasure-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:24 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf852
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"c2092761a8ed52f8c2807407ad31d80d"
x-adobe-assetlist
QlpoOTFBWSZTWUNJq8wAAAQfgAACoAAIBBCKK2GeICAAMUaMgaNMjQppoA0HpGmDWLXE0gDz0yBDkd+4KL6ys6rbclZ4tA/i7kinChIIaTV5gA==
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
483
expires
Thu, 18 Apr 2024 23:12:21 GMT
2-care-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
600 B
1 KB
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/2-care-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/2-care-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:22 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf851
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"6d1831cac1407dd8555bf6a4fb0e2d38"
x-adobe-assetlist
QlpoOTFBWSZTWWnvEdcAAAQfgAACkAAIBBCKK2GeICAAMUaMgaNMjQoMgNB6RpHCk1waRG9Y6UAfC36gqvrKxMHIdD+LuSKcKEg094jrgA==
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
600
expires
Thu, 18 Apr 2024 22:43:00 GMT
3-be-better-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
259 B
714 B
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/3-be-better-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/3-be-better-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:22 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf854
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"846a285c59402a69691b074a4b7edf3a"
x-adobe-assetlist
QlpoOTFBWSZTWeQI8g4AAASfgAACiAAIBBCKO2GeICAAIim0amGk09T2o1CgAxGmmjQ8uEhR34Y0pYmz8D0T5LPccwGiDLKpOtvxdyRThQkOQI8g4A==
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
259
expires
Thu, 18 Apr 2024 19:21:42 GMT
4-create-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
475 B
924 B
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/4-create-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/4-create-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:24 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf855
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"722d4f6a3bcdf62d04d5f9a447dec133"
x-adobe-assetlist
QlpoOTFBWSZTWXpqDdEAAAQfgAAChAAIBBCKK2GeICAAMUaMgaNMjQo0MgBtRoVxJrLPBLHPY38JBT4aKg9UMTbdhDQvi7kinChIPTUG6IA=
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
475
expires
Fri, 19 Apr 2024 02:34:23 GMT
5-chart-icon
s7d9.scene7.com/is/image/LifeWayChristianResources/
368 B
812 B
Image
General
Full URL
https://s7d9.scene7.com/is/image/LifeWayChristianResources/5-chart-icon?fmt=png-alpha
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/profile
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c85::9b6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
-x-adobe-assetlist
[LifeWayChristianResources/5-chart-icon]
date
Thu, 18 Apr 2024 18:05:16 GMT
last-modified
Thu, 22 Apr 2021 18:17:24 GMT
server
Unknown
akamai-grn
0.47173317.1713463516.15bdf853
x-adobe-modifierlist
QlpoOTFBWSZTWWSXUl8AAAADgAAKAQIEACAAMM0AwaQuOLuSKcKEgyS6kvg=
etag
"548174ba2e9dee065e92b3a374f1b64a"
x-adobe-assetlist
QlpoOTFBWSZTWVpb7ckAAAQfgAACggAIBBCKK2GeICAAIo0DQA8oFGjIGjTI0QmHqjWEA13ECQ9ObkFPZn2Y8ZdZLH4u5IpwoSC0t9uS
access-control-allow-origin
*
content-type
image/png
x-akamai-cache
Hit
content-length
368
expires
Fri, 19 Apr 2024 04:00:19 GMT
servertime
account.lifeway.com/oauth2/
23 B
980 B
XHR
General
Full URL
https://account.lifeway.com/oauth2/servertime
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/oidc-silent.89a50866d56ec20c0c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=10886400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
content-length
49
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
179XYsb-Nf5aJzaSZNTQMkQG_FuboYALOeEZQdzO8NKM39ypQnLr5Q==
expires
0
web
edge.fullstory.com/s/settings/o-1JPS6J-na1/v1/
41 KB
7 KB
XHR
General
Full URL
https://edge.fullstory.com/s/settings/o-1JPS6J-na1/v1/web
Requested by
Host: edge.fullstory.com
URL: https://edge.fullstory.com/s/fs.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.112.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.112.201.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPrf2aZzi0HFRriHCkuTLkUvM-Fobs2d2qAkhqOgZad9smzY9xbCpQB4csSOCiR8RnRHb3h1DIgQsw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6776
last-modified
Thu, 18 Apr 2024 18:02:27 GMT
server
UploadServer
etag
"9c9d33bb25effa1a05b9afc59dfd8ad5"
x-goog-generation
1713463346971683
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=L2qgmg==, md5=nJ0zuyXv+hoFua/Fnf2K1Q==
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=900,no-transform
x-goog-stored-content-length
6776
accept-ranges
bytes
expires
Thu, 18 Apr 2024 18:20:16 GMT
Primary Request authorize
account.lifeway.com/
5 KB
3 KB
Document
General
Full URL
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Requested by
Host: my.lifeway.com
URL: https://my.lifeway.com/js/5139.89a50866d56ec20c0c6f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
17881e3b187358feec3be4501500ebd913b1269a59ef050142230079e509cc15
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1761
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-type
text/html; charset=utf-8
date
Thu, 18 Apr 2024 18:05:17 GMT
expires
0
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
strict-transport-security
max-age=10886400; includeSubDomains
vary
Origin,Accept-Encoding
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-amz-cf-id
N-wLMggIfpgnmSLr15hdVgWEsGjvmKgjoD3Twc8H_eo9yAbTP2hHIw==
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
DENY
x-permitted-cross-domain-policies
master-only
x-xss-protection
1; mode=block
silent.html
my.lifeway.com/oauth2/ Frame C822
Redirect Chain
  • https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2%2Fsilent.html&response_type=code&scope=openid+basic-profile+a...
  • https://my.lifeway.com/oauth2/silent.html?error=login_required&state=17c4e823288d4f8f91fbd88a1a846d33&session_state=A0130C741D9B3BD3B58245F50BCC03DA7D1F8B8F9F6CEEF887DB2D97A38D9E16.68290DFEAC04B7CB...
0
0

l
use.typekit.net/af/61b4ba/00000000000000007735a167/30/
47 KB
47 KB
Font
General
Full URL
https://use.typekit.net/af/61b4ba/00000000000000007735a167/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
server
nginx
etag
"5fed17d5bea029195a99ba74b516f25ee725434b"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
48280
l
use.typekit.net/af/4abf65/00000000000000007735a15d/30/
47 KB
47 KB
Font
General
Full URL
https://use.typekit.net/af/4abf65/00000000000000007735a15d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:16::215:149a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://my.lifeway.com/
Origin
https://my.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:16 GMT
server
nginx
etag
"c376eb069a6278d6a0283f0e01c1f3a15e1c61da"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
47668
page
rs.fullstory.com/rec/
0
0

h.css
account.lifeway.com/a/
31 KB
8 KB
Stylesheet
General
Full URL
https://account.lifeway.com/a/h.css
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
7cb20c8c536c5a908ae101c1750235d452810fdc6d3a1a5d3456224179072ac8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:24 GMT
x-amz-cf-pop
FRA50-C1
age
53
x-cache
Hit from cloudfront
content-length
6769
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"6b5c80a87cbae03208eb0787fae2965e081aa0ec"
x-frame-options
DENY
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
lyNbMNpXGc1yS77GsODTLHc3Eme5wVaiJqwfNbb9dZOvP08Z-eUSEQ==
h.js
account.lifeway.com/a/
10 KB
4 KB
Script
General
Full URL
https://account.lifeway.com/a/h.js
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
b631335eabef062349ed914a35188c83bc4e377868939458e15dd43c85f745a2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:24 GMT
x-amz-cf-pop
FRA50-C1
age
53
x-cache
Hit from cloudfront
content-length
2953
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"d9d8fa9f0fb204ff83374b7e53fcf8cd8517e65a"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
1O0GR5FSNnipKdfTsmXNAauXx2cQpWmR_YyZA-3LNMVQ0i8G4VIF5A==
challenge.js
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
Redirect Chain
  • https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
  • https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
1 MB
285 KB
Script
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
c4bd090a68e1af3cfee9b8cda9d4ce862963b8a3776f972757bf2511bed5ce32

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://account.lifeway.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:17 GMT
content-encoding
gzip
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2024 18:05:17 +0000
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160dd-526ff6dd52b89fcd18192f88
content-type
text/javascript
cache-control
private, max-age=86400
x-amz-cf-id
irI4AteJztYZOqHbXgJqQZRCV7Gcd50r7lAWZAl1odSzkQsbeaPDTQ==
expires
0

Redirect headers

date
Thu, 18 Apr 2024 18:05:17 GMT
via
1.1 ec85113c6ed859938b3fcfa19bc035f8.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P1
access-control-max-age
86400
access-control-allow-methods
*
x-cache
FunctionGeneratedResponse from cloudfront
access-control-allow-origin
*
location
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
cache-control
max-age=86400
access-control-allow-headers
*
content-length
0
x-amz-cf-id
6Tre0EKnV_NCMtdsGHC_h64Eal7mdh5lEiatoY11nP48-Q8p_9Dlog==
lifewayicon.svg
account.lifeway.com/a/
1 KB
1 KB
Image
General
Full URL
https://account.lifeway.com/a/lifewayicon.svg
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
aa0d1be0e8a32b548278577db25f6dcb0003c7acac357160243c0454333f462a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:24 GMT
x-amz-cf-pop
FRA50-C1
age
53
x-cache
Hit from cloudfront
content-length
564
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"458d1851369ee5647615704ee2a95c18ef283853"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
zvMSdpA8Qy9Opie576WA7GM5GW8_v-evh6-bIMqiqXc5jNFN6Vumpg==
eye.svg
account.lifeway.com/a/
524 B
1 KB
Image
General
Full URL
https://account.lifeway.com/a/eye.svg
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
1e9c5438ad998f36814936fdd949d506a47d6796e61a9c3ba91fc2253f71535b
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:24 GMT
x-amz-cf-pop
FRA50-C1
age
53
x-cache
Hit from cloudfront
content-length
326
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"74d0af4368b82672dc4f3da8c2a581c500767509"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
8oKTkrQcRW6mjw5Net97JWicr7FWbx7txdsP2J13VKko87x9a6kvbA==
passkey-login.js
account.lifeway.com/a/
110 KB
41 KB
Script
General
Full URL
https://account.lifeway.com/a/passkey-login.js
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
f8d74fa6af1045fa5ed4021bddbbde4383af3b5df7f24013e57f40efef6260b9
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:25 GMT
x-amz-cf-pop
FRA50-C1
age
52
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"b33477ddda0e51345a844eece256fe909e57536e"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
fbAIFaSVtsoIutj1A6otdJSvuVIK6Gd9Ns9788DsxRQ0M2b4f6cAew==
f.js
account.lifeway.com/a/
918 KB
434 KB
Script
General
Full URL
https://account.lifeway.com/a/f.js
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
22ce660623dfc89e7ac585ef9ddb9bce1754ec8f13c32d5744490026d38eabfb
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:25 GMT
x-amz-cf-pop
FRA50-C1
age
52
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"d49c763806ce2b753732b7ddafa0115dae73a233"
x-frame-options
DENY
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
CZptyHf4z5zNULxJBXnLVSbXv4OtoVah-7Dg4Xpceh1d1HjmfbKjog==
api.js
www.google.com/recaptcha/
1 KB
880 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f4.1e100.net
Software
GSE /
Resource Hash
b3d43f5610e26a72f8e96eddd222f0124d20acdd1a12d72c85a6e2cccb2650af
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 18 Apr 2024 18:05:17 GMT
logo.svg
account.lifeway.com/a/
2 KB
2 KB
Image
General
Full URL
https://account.lifeway.com/a/logo.svg
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/a/h.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
0d299bdb55960327fa2c9836206ae677374adf826b84dc9071fedf0ce69c21b8
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/a/h.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=10886400; includeSubDomains
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
date
Thu, 18 Apr 2024 18:04:25 GMT
x-amz-cf-pop
FRA50-C1
age
52
x-cache
Hit from cloudfront
content-length
1157
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"6bfa40442bdd9c471676ea0cfbc7275e90aa7a02"
x-frame-options
DENY
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=300, s-maxage=300
accept-ranges
bytes
x-amz-cf-id
Yvt-tSDcyvp21cl6F6vuLk3soUJhxafzQxSw82gmQ2LTXStwYI5REQ==
passkeyConditionalMediation
account.lifeway.com/webauthn/api/b2ef9f19-3f32-4b32-9b80-1a471b2c3ac1/
119 B
1 KB
Fetch
General
Full URL
https://account.lifeway.com/webauthn/api/b2ef9f19-3f32-4b32-9b80-1a471b2c3ac1/passkeyConditionalMediation
Requested by
Host: account.lifeway.com
URL: https://account.lifeway.com/a/passkey-login.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
b2e303e66dfcd64c65216a881fc418544c1d44d921736203c656535d7b771cc2
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 18 Apr 2024 18:05:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=10886400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
content-length
142
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
vary
Origin,Accept-Encoding
x-frame-options
DENY
content-type
application/json
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
hkjAvYfV4mZJ6zyDG_VowKEm6E1mk9ZVS-oKAWy69rvPdzaBYPFwCA==
expires
0
recaptcha__de.js
www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/
510 KB
204 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/QoukH5jSO3sKFzVEA7Vc8VgC/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9fdca10f4fced6a31a29cc740d2cacf2d897045dba62ec96169ae82f3411fed2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/
Origin
https://account.lifeway.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 14:29:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
12924
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
207948
x-xss-protection
0
last-modified
Mon, 15 Apr 2024 02:01:04 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 18 Apr 2025 14:29:53 GMT
verify
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
324 B
743 B
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/verify
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
bccbd4c2925f97b19d32222135a741fa4461c0654c6376a7f21c7fda7c7c7a22

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:18 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160de-0f98fd730df377232e00fe10
cache-control
no-cache, no-store, must-revalidate
content-length
324
x-amz-cf-id
7KpfDZyHEpuF9RJPV13CJCS2_wgxG51mpKdjYh0O4RIlwUDvI1yvdg==
expires
0
favicon-32x32.png
account.lifeway.com/
301 B
1 KB
Other
General
Full URL
https://account.lifeway.com/favicon-32x32.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-5.fra50.r.cloudfront.net
Software
/
Resource Hash
91bfa8c5a51189cbb261a995cf2b58ae8ec39a205148e5ef65f895d6aa165e03
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
Strict-Transport-Security max-age=10886400; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://account.lifeway.com/authorize?client_id=05374379-D758-4B45-A856-7FE3B3183807&redirect_uri=https%3A%2F%2Fmy.lifeway.com%2Foauth2callback&response_type=code&scope=openid+basic-profile+auth-logininfo+mlc-gateway+auth-credentialmgmt+auth-thirdpartygrants-read+auth-thirdpartygrants-write+auth-thirdpartyidpmgmt+invitation+auth-devicemgmt&state=1a6df361b81445db8b0591618f4d145c&code_challenge=KR0wHHcPS2fu--JgoOFslGCOjOuzMeLf_1aoZZsruVg&code_challenge_method=S256
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 18:05:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'self'; img-src data: 'self' https://ssl.gstatic.com/; media-src 'self'; script-src 'self' *.awswaf.com https://apis.google.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline'; font-src 'self'; frame-src 'self' https://www.google.com/recaptcha/; child-src 'self' https://www.google.com/recaptcha/; connect-src 'self' *.awswaf.com; base-uri 'self'; frame-ancestors 'none';
via
1.1 24475cc722041223cf99f56b55432566.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies
master-only
strict-transport-security
max-age=10886400; includeSubDomains
x-amz-cf-pop
FRA50-C1
x-cache
Miss from cloudfront
if-modified-since
Mon, 26 Jul 1997 05:00:00 GMT
content-length
318
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
last-modified
Fri, 01 Jan 2010 00:00:00 GMT
etag
"f87426bb20c72730377ee1313c0314628a88c2d7"
vary
Origin,Accept-Encoding
x-frame-options
DENY
content-type
image/png
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
x-amz-cf-id
jJGm8IQV8IQTwEu60Rt1iWAvfEbUZ1A2RC2odJx1TNam4BIHKhi3BA==
expires
0
telemetry
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
892 B
1 KB
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/telemetry
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
e871870e5ef877c537452a4c1420e25a9acf297651f6eabb6d7846ed9c1299d2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:19 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160df-15140f842e270f35422e02df
cache-control
no-cache, no-store, must-revalidate
content-length
892
x-amz-cf-id
lvXlmzbU1bx1ZjXE2r5OshEr7nKO6w0vtVQLeIh0lp1hDapZqkev6Q==
expires
0
telemetry
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
980 B
1 KB
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/telemetry
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
a4da4f5ba6173db0cb8a16423e992e709dc69ed9ee883e12e2de2aeac133ad7a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:19 GMT
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
access-control-max-age
86400
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160df-6858c3e64415ec01324b49e5
cache-control
no-cache, no-store, must-revalidate
content-length
980
x-amz-cf-id
TnVOVNi0g4DvuXeclQC4L1zUMMy2r_2SkDhd-yeyy8gxfhh1MDIP6A==
expires
0
telemetry
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
1 KB
1 KB
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/telemetry
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
ac26aefd61273e6e25f3363df74bc0754fc2ce92da69c15b0a9b3b263efb8bf2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:20 GMT
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160e0-73d9fea43bef4b09650f0b8b
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
x-amz-cf-id
cnRkYc2FvFWcneJPja6Obh8chEQwY5CAIWKPYVTVWrhh5WKu75YOlg==
expires
0
telemetry
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
1 KB
1 KB
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/telemetry
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
161245153f0731dc2424046a2a703e4e8f1fdfddec5e27ddc997152b02b2230f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:21 GMT
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160e1-11c5dc7f068672df67d771e7
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
x-amz-cf-id
JxA-fTGiN4ZHj8IgIEjVPS0-aRC-Ql4geckV3UkqV4ESCpwYAIyC0A==
expires
0
telemetry
f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/
1 KB
1 KB
Fetch
General
Full URL
https://f26495e0b95f.3421646e.us-east-1.token.awswaf.com/f26495e0b95f/b7eec7e93824/telemetry
Requested by
Host: f26495e0b95f.us-east-1.sdk.awswaf.com
URL: https://f26495e0b95f.us-east-1.sdk.awswaf.com/f26495e0b95f/b7eec7e93824/challenge.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-114.fra56.r.cloudfront.net
Software
/
Resource Hash
92f2c03978f19c07ce2147759d7a832f24958a4879ebd94bd1b2889de3929437

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://account.lifeway.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 18 Apr 2024 18:05:22 GMT
content-encoding
gzip
via
1.1 abf6c055b398b223d7325958955066c0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P11
vary
Accept-Encoding
access-control-allow-methods
OPTIONS,GET,POST
content-type
application/json
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amzn-waf-challenge-id
Root=1-662160e2-3da237fc33cf85cc38d00532
cache-control
no-cache, no-store, must-revalidate
access-control-max-age
86400
x-amz-cf-id
SGU-s2LH4eFKmF2lykEakOua82pAqcTIszcTHkFvBPTlH6wgo0X2iQ==
expires
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
my.lifeway.com
URL
https://my.lifeway.com/oauth2/silent.html?error=login_required&state=17c4e823288d4f8f91fbd88a1a846d33&session_state=A0130C741D9B3BD3B58245F50BCC03DA7D1F8B8F9F6CEEF887DB2D97A38D9E16.68290DFEAC04B7CBE4E40E1ABB4BC5D4D4F48C2DA453CD318AE93013907F71CA
Domain
rs.fullstory.com
URL
https://rs.fullstory.com/rec/page

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Modernizr function| recaptchaCallback object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| recaptcha object| a2_0x7ffe function| a2_0x33bb object| AwsWafIntegration object| ChallengeScript

2 Cookies

Domain/Path Name / Value
.lifeway.com/ Name: SSO_LOGIN
Value: eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7InNlc3Npb24taWQiOiJoTnZCU20zWmV4eWdwRFBTUUg3MzZhVVlpNHlrMFZQSzAyRHJZTTVDR3c0In0sIm5iZiI6MTcxMzQ2MzUxNywiaWF0IjoxNzEzNDYzNTE3fQ.OhSqvexjkI83wVYOQFCvp59hmOGB0wjz4JTna4_2yWY
.account.lifeway.com/ Name: aws-waf-token
Value: 0ce9a844-1edd-4ea4-82af-4fe483accaaf:EQoArXN94FQcAAAA:K6AbifpqtZSg+nQIxaiwUB9qyFBmxxZGmc1RAkN5duNGAuGIPUVsSNbYQ69Zt8v1ArZ7TsOlngnvigu44Lb2bIQ+MyIuBKPVhvqlUYRotS8gvzmZyOM2HjQ9cMIFHFpaaPRDzUtis62cfVBjgQLXQYA8InAiyH05XUjtefQq0XkGwLnckKNYWk6O9gMBtmzUNFf7rpxRtA+Xj7gAFKBrf1zal8NTA7Nq8wxqGGL86RpgqIFhBuUzIwnodIoSf1YLyJK6+/vQquZLU/pno7qiF+NAQSTafTw6U6D2aA==

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src * data:; frame-src 'self' https://customer-estatements-prod.s3.amazonaws.com https://*.demdex.net https://account.lifeway.com https://seal-nashville.bbb.org https://unpkg.com https://*.clicktale.net https://*.fullstory.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.lifeway.com https://*.facebook.net https://*.facebook.com https://*.adobedtm.com https://*.google-analytics.com https://*.googletagmanager.com https://www.google-analytics.com https://ssl.google-analytics.com https://app.intercom.io https://widget.intercom.io https://js.intercomcdn.com https://cdnssl.clicktale.net https://unpkg.com https://*.contentsquare.net https://*.contentsquare.com https://edge.fullstory.com https://seal-nashville.bbb.org https://*.clicktale.net https://*.fullstory.com; connect-src 'self' https://prod-mylifeway-tax-exemptions.s3.amazonaws.com https://*.omtrdc.net https://*.demdex.net https://*.lifeway.com https://www.facebook.com https://*.braintreegateway.com https://*.braintree-api.com wss://*.intercom.io https://*.intercom.io https://*.intercomcdn.com https://*.clicktale.net https://*.contentsquare.net https://*.algolia.net https://*.algolianet.com https://*.fullstory.com; style-src 'self' 'unsafe-inline' https://fonts.gstatic.com https://fonts.googleapis.com; font-src * data: https://js.intercomcdn.com http://fonts.intercomcdn.com; object-src * blob:; worker-src blob:; child-src blob:;
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

account.lifeway.com
cdnssl.clicktale.net
edge.fullstory.com
f26495e0b95f.3421646e.us-east-1.token.awswaf.com
f26495e0b95f.us-east-1.sdk.awswaf.com
fonts.googleapis.com
fonts.gstatic.com
my.lifeway.com
rs.fullstory.com
s7d9.scene7.com
seal-nashville.bbb.org
unpkg.com
use.typekit.net
www.google.com
www.gstatic.com
my.lifeway.com
rs.fullstory.com
13.32.121.41
142.250.181.228
143.204.98.5
18.244.18.114
18.66.147.24
2600:9000:2490:fa00:c:7c62:1240:93a1
2606:4700::6811:f5cb
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:81c::2003
2a02:26f0:3500:16::215:149a
2a02:26f0:3500:c85::9b6
35.201.112.186
68.70.204.1
0d299bdb55960327fa2c9836206ae677374adf826b84dc9071fedf0ce69c21b8
161245153f0731dc2424046a2a703e4e8f1fdfddec5e27ddc997152b02b2230f
17881e3b187358feec3be4501500ebd913b1269a59ef050142230079e509cc15
1e9c5438ad998f36814936fdd949d506a47d6796e61a9c3ba91fc2253f71535b
22ce660623dfc89e7ac585ef9ddb9bce1754ec8f13c32d5744490026d38eabfb
3deabc1a1719406dcc0dbfa041dcf96be96a6e9e694b27dad8139115440c92fd
74b2db2d97a867a49e94ce578b7ec375d4ccc504ff3bd8ecf2c24e484f60fb5c
755841b723c7713a9fd87645cccd4d0d277d1bf94d961338d0d29693824285de
791a9c06cacdae293ed08ca424f8ce695f1148de035dec42d57fe89eed8ae427
7cb20c8c536c5a908ae101c1750235d452810fdc6d3a1a5d3456224179072ac8
83cdf924b67da2913e96ee22363b0fb4945547cf124fd78be0eb63890e38cc4d
91bfa8c5a51189cbb261a995cf2b58ae8ec39a205148e5ef65f895d6aa165e03
92f2c03978f19c07ce2147759d7a832f24958a4879ebd94bd1b2889de3929437
9fdca10f4fced6a31a29cc740d2cacf2d897045dba62ec96169ae82f3411fed2
a4da4f5ba6173db0cb8a16423e992e709dc69ed9ee883e12e2de2aeac133ad7a
aa0d1be0e8a32b548278577db25f6dcb0003c7acac357160243c0454333f462a
ac26aefd61273e6e25f3363df74bc0754fc2ce92da69c15b0a9b3b263efb8bf2
b2e303e66dfcd64c65216a881fc418544c1d44d921736203c656535d7b771cc2
b3d43f5610e26a72f8e96eddd222f0124d20acdd1a12d72c85a6e2cccb2650af
b631335eabef062349ed914a35188c83bc4e377868939458e15dd43c85f745a2
bbb7b9921ca2b61948753a6edb63c78443663dc45d1621d18e102e1dcb34e512
bccbd4c2925f97b19d32222135a741fa4461c0654c6376a7f21c7fda7c7c7a22
c4bd090a68e1af3cfee9b8cda9d4ce862963b8a3776f972757bf2511bed5ce32
e871870e5ef877c537452a4c1420e25a9acf297651f6eabb6d7846ed9c1299d2
e8f2c62ccd6c4aeb07e16fab0f8fea2a74f69e01b193c0a0d32e0b7fa5cdb26c
f552f59ab522789b32e049bca38be897f3ef4a841451ec24fd048c39a465c3d6
f5bf427f754425e89a242f2036bbb08a182a5cbf3bf76ffee622e427a5c47246
f718bdccb174bf53c88e195d1b7a32c3819efb6eb40086f563871ab19e113fb6
f8d74fa6af1045fa5ed4021bddbbde4383af3b5df7f24013e57f40efef6260b9