urlscan.io logo urlscan.io
SecurityTrails logo

start.hellogetsafe.com Open in urlscan Pro
2606:4700:20::681a:9a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKl...
Effective URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaig...
Submission: On February 13 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 37 IPs in 7 countries across 36 domains to perform 57 HTTP transactions. The main IP is 2606:4700:20::681a:9a1, located in United States and belongs to CLOUDFLARENET, US. The main domain is start.hellogetsafe.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on November 4th 2019. Valid for: a year.
This is the only time start.hellogetsafe.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.16.231.163 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 151.139.128.10 20446 (HIGHWINDS3)
2 151.101.14.109 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 35.188.42.15 15169 (GOOGLE)
1 13.225.82.80 16509 (AMAZON-02)
1 23.210.250.44 16625 (AKAMAI-AS)
1 4 70.42.32.31 22075 (AS-OUTBRAIN)
1 147.75.32.125 54825 (PACKET)
1 52.25.251.215 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 108.161.187.71 33438 (HIGHWINDS2)
1 2600:1901:0:4... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 6 23.210.248.216 16625 (AKAMAI-AS)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
1 147.75.84.39 54825 (PACKET)
15 18 3.248.28.111 16509 (AMAZON-02)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 130.211.34.183 15169 (GOOGLE)
1 2 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a05:f500:10:... 14413 (LINKEDIN)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 147.75.32.13 54825 (PACKET)
2 35.227.225.220 15169 (GOOGLE)
2 2 52.58.138.174 16509 (AMAZON-02)
1 2 35.156.71.125 16509 (AMAZON-02)
1 2 23.210.249.164 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 185.64.189.110 62713 (AS-PUBMATIC)
1 1 2a00:1288:f03... 10310 (YAHOO-1)
1 151.101.114.2 54113 (FASTLY)
1 2 35.157.121.171 16509 (AMAZON-02)
1 2 52.57.242.37 16509 (AMAZON-02)
1 185.33.223.218 29990 (ASN-APPNEX)
1 35.190.72.21 15169 (GOOGLE)
1 2 34.95.120.147 15169 (GOOGLE)
2 2 172.217.16.162 15169 (GOOGLE)
57 37
1    104.16.231.163 (United States)

ASN13335 (CLOUDFLARENET, US)
r.daily1.finimize.com
1    2606:4700:3031::6818:6a67 (United States)

ASN13335 (CLOUDFLARENET, US)
sibautomation.com
3    2606:4700:20::681a:9a1 (United States)

ASN13335 (CLOUDFLARENET, US)
start.hellogetsafe.com
1    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
pro.fontawesome.com
2    151.101.14.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
cdn.polyfill.io
1    2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    35.188.42.15 (United States)

ASN15169 (GOOGLE, US)
PTR: 15.42.188.35.bc.googleusercontent.com
sentry.io
1    13.225.82.80 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-82-80.fra2.r.cloudfront.net
cdn.segment.com
1    23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com
amplify.outbrain.com
4    70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
sync.outbrain.com
1    147.75.32.125 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress14
static.hotjar.com
1    52.25.251.215 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-25-251-215.us-west-2.compute.amazonaws.com
api.segment.io
3    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    108.161.187.71 (United States)

ASN33438 (HIGHWINDS2, US)
assets.customer.io
1    2600:1901:0:498c:: (United States)

ASN15169 (GOOGLE, US)
cdn.mxpnl.com
3    2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
6    23.210.248.216 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-216.deploy.static.akamaitechnologies.com
s.adroll.com
2    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    2a02:26f0:10c:39e::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
snap.licdn.com
1    147.75.84.39 (Parsippany, United States)

ASN54825 (PACKET, US)
script.hotjar.com
18    3.248.28.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
d.adroll.mgr.consensu.org
d.adroll.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    130.211.34.183 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 183.34.211.130.bc.googleusercontent.com
api-js.mixpanel.com
2    2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN, US)
px.ads.linkedin.com
1    2a05:f500:10:101::b93f:9101 (Ireland)

ASN14413 (LINKEDIN, US)
www.linkedin.com
3    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    147.75.32.13 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
PTR: pkt-ams-k2-shared-ingress9
vars.hotjar.com
2    35.227.225.220 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 220.225.227.35.bc.googleusercontent.com
track.customer.io
2    52.58.138.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-138-174.eu-central-1.compute.amazonaws.com
pixel.advertising.com
2    35.156.71.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-71-125.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2a00:1288:f03d:1fa::4000 (United Kingdom)

ASN10310 (YAHOO-1, US)
ads.yahoo.com
1    151.101.114.2 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
trc.taboola.com
2    35.157.121.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-121-171.eu-central-1.compute.amazonaws.com
eb2.3lift.com
2    52.57.242.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-242-37.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    185.33.223.218 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    35.190.72.21 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 21.72.190.35.bc.googleusercontent.com
idsync.rlcdn.com
2    34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com
us-u.openx.net
2    172.217.16.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s11-in-f2.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
23 adroll.com
s.adroll.com
d.adroll.com
27 KB
5 outbrain.com
amplify.outbrain.com
tr.outbrain.com
amplifypixel.outbrain.com
sync.outbrain.com
4 KB
3 yahoo.com
ups.analytics.yahoo.com
ads.yahoo.com
1 KB
3 facebook.com
www.facebook.com
483 B
3 linkedin.com
px.ads.linkedin.com
www.linkedin.com
2 KB
3 mixpanel.com
api-js.mixpanel.com
543 B
3 doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
686 B
3 google-analytics.com
www.google-analytics.com
19 KB
3 customer.io
assets.customer.io
track.customer.io
2 KB
3 facebook.net
connect.facebook.net
167 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
72 KB
3 hellogetsafe.com
start.hellogetsafe.com
521 KB
2 openx.net
us-u.openx.net
358 B
2 bidswitch.net
x.bidswitch.net
906 B
2 3lift.com
eb2.3lift.com
737 B
2 casalemedia.com
dsum-sec.casalemedia.com
2 KB
2 advertising.com
pixel.advertising.com
814 B
2 bing.com
bat.bing.com
8 KB
2 polyfill.io
cdn.polyfill.io
800 B
1 rlcdn.com
idsync.rlcdn.com
40 B
1 adnxs.com
ib.adnxs.com
887 B
1 taboola.com
trc.taboola.com
201 B
1 pubmatic.com
simage2.pubmatic.com
886 B
1 rubiconproject.com
pixel.rubiconproject.com
239 B
1 google.de
www.google.de
109 B
1 google.com
www.google.com
189 B
1 consensu.org
d.adroll.mgr.consensu.org
137 B
1 licdn.com
snap.licdn.com
2 KB
1 mxpnl.com
cdn.mxpnl.com
24 KB
1 segment.io
api.segment.io
145 B
1 segment.com
cdn.segment.com
80 KB
1 sentry.io
sentry.io
430 B
1 googletagmanager.com
www.googletagmanager.com
26 KB
1 fontawesome.com
pro.fontawesome.com
10 KB
1 sibautomation.com
sibautomation.com
1 finimize.com
r.daily1.finimize.com
992 B
57 36
Domain Requested by
17 d.adroll.com 14 redirects
6 s.adroll.com 1 redirects cdn.segment.com
s.adroll.com
3 www.facebook.com
3 api-js.mixpanel.com start.hellogetsafe.com
3 www.google-analytics.com 1 redirects cdn.segment.com
www.google-analytics.com
3 connect.facebook.net cdn.segment.com
connect.facebook.net
3 start.hellogetsafe.com r.daily1.finimize.com
start.hellogetsafe.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 x.bidswitch.net 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.outbrain.com 1 redirects
2 dsum-sec.casalemedia.com 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 pixel.advertising.com 2 redirects
2 track.customer.io
2 px.ads.linkedin.com 1 redirects
2 bat.bing.com cdn.segment.com
2 cdn.polyfill.io start.hellogetsafe.com
1 idsync.rlcdn.com
1 ib.adnxs.com
1 trc.taboola.com
1 ads.yahoo.com 1 redirects
1 simage2.pubmatic.com
1 pixel.rubiconproject.com
1 vars.hotjar.com static.hotjar.com
1 www.linkedin.com 1 redirects
1 www.google.de
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 d.adroll.mgr.consensu.org 1 redirects
1 script.hotjar.com static.hotjar.com
1 snap.licdn.com cdn.segment.com
1 cdn.mxpnl.com cdn.segment.com
1 assets.customer.io cdn.segment.com
1 api.segment.io start.hellogetsafe.com
1 static.hotjar.com cdn.segment.com
1 amplifypixel.outbrain.com
1 tr.outbrain.com
1 amplify.outbrain.com r.daily1.finimize.com
1 cdn.segment.com r.daily1.finimize.com
1 sentry.io start.hellogetsafe.com
1 www.googletagmanager.com start.hellogetsafe.com
1 pro.fontawesome.com start.hellogetsafe.com
1 sibautomation.com r.daily1.finimize.com
1 r.daily1.finimize.com
57 46

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-01-31 -
2020-10-09		 8 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-29 -
2020-04-22		 3 months crt.sh
sentry.io
DigiCert SHA2 Secure Server CA		 2017-03-24 -
2020-06-21		 3 years crt.sh
*.segment.com
DigiCert SHA2 Secure Server CA		 2019-06-24 -
2020-07-01		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2018-12-14 -
2020-03-14		 a year crt.sh
static.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
*.customer.io
Sectigo RSA Domain Validation Secure Server CA		 2019-02-13 -
2020-03-14		 a year crt.sh
*.mxpnl.com
RapidSSL RSA CA 2018		 2019-07-29 -
2021-07-28		 2 years crt.sh
*.adroll.com
DigiCert SHA2 Secure Server CA		 2020-01-29 -
2021-04-29		 a year crt.sh
www.bing.com
Microsoft IT TLS CA 2		 2019-04-30 -
2021-04-30		 2 years crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
script.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
adroll.mgr.consensu.org
Amazon		 2019-11-06 -
2020-12-06		 a year crt.sh
www.google.de
GTS CA 1O1		 2020-01-21 -
2020-04-14		 3 months crt.sh
*.mixpanel.com
RapidSSL RSA CA 2018		 2018-01-11 -
2020-05-01		 2 years crt.sh
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-05-29 -
2021-06-29		 2 years crt.sh
vars.hotjar.com
Let's Encrypt Authority X3		 2020-02-03 -
2020-05-03		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2019-10-30 -
2020-04-27		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2019-07-17 -
2020-03-09		 8 months crt.sh
*.rubiconproject.com
DigiCert SHA2 Secure Server CA		 2019-01-10 -
2021-01-14		 2 years crt.sh
*.pubmatic.com
Sectigo RSA Organization Validation Secure Server CA		 2019-02-22 -
2021-02-21		 2 years crt.sh
f2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-07-30 -
2020-07-25		 a year crt.sh
*.3lift.com
Amazon		 2019-07-17 -
2020-08-17		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2019-04-17 -
2020-05-04		 a year crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-04-24 -
2020-04-23		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2018-01-04 -
2020-07-09		 3 years crt.sh

This page contains 3 frames:

Primary Page: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Frame ID: 005AC9D7EA86212A5369DDA4B6204A8E
Requests: 55 HTTP requests in this frame

Frame: https://sibautomation.com/cm.html?id=2238669
Frame ID: 9EEFC9294AFAA779360D23926C517B8B
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Frame ID: 614C598E36E0E10024348C2F1BF3B93A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrk... Page URL
  2. https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=a... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • script /(?:a|s)\.adroll\.com/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
Overall confidence: 100%
Detected patterns
  • script /^https?:\/\/cdn\.polyfill\.io\//i
  • script /\/polyfill\.min\.js/i
Overall confidence: 100%
Detected patterns
  • script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

57
Requests

98 %
HTTPS

35 %
IPv6

36
Domains

46
Subdomains

37
IPs

7
Countries

962 kB
Transfer

3205 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog Page URL
  2. https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25
  • https://s.adroll.com/j/exp/CFWGEAZVUFGT7GKI4GLGYL/index.js HTTP 302
  • https://s.adroll.com/j/exp/index.js
Request Chain 27
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/CFWGEAZVUFGT7GKI4GLGYL?_s=cf3446411508083b78d779cd7238be46&_b=2 HTTP 302
  • https://d.adroll.com/consent/check/CFWGEAZVUFGT7GKI4GLGYL/?_s=cf3446411508083b78d779cd7238be46&_b=2
Request Chain 28
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1384673619&t=pageview&_s=1&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&dr=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&dp=%2Fen-gb%2Fflows%2Fcontents-gb&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAEAj~&jid=1934562043&gjid=1609328150&cid=42890841.1581605442&tid=UA-106632927-1&_gid=2043775368.1581605442&_r=1&z=2017767950 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_gid=2043775368.1581605442&gjid=1609328150&_v=j81&z=2017767950 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950&slf_rd=1&random=3725488156
Request Chain 32
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&time=1581605441614 HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120050%26url%3Dhttps%253A%252F%252Fstart.hellogetsafe.com%252Fen-gb%252Fflows%252Fcontents-gb%253Fcampaign%253Dukcontents20%2526coupon%253DFINIMIZE20%2526utm_source%253Daffiliate%2526utm_campaign%253Dgrouponuk20200210%26time%3D1581605441614%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&time=1581605441614&liSync=true
Request Chain 36
  • https://d.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&pv=96312422476.96017&cookie=&keyw=&arrfrr=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210 HTTP 302
  • https://s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/I6YBXAZJFZDJRMGMTJ54ES.js
Request Chain 40
  • https://d.adroll.com/cm/aol/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://pixel.advertising.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-029abc142158 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-029abc142158&verify=true
Request Chain 41
  • https://d.adroll.com/cm/index/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441&C=1
Request Chain 42
  • https://d.adroll.com/cm/n/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expires=365
Request Chain 43
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&rdrctExp=true
Request Chain 44
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Request Chain 45
  • https://d.adroll.com/cm/r/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA HTTP 302
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Request Chain 46
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Request Chain 47
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Request Chain 48
  • https://d.adroll.com/cm/b/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Request Chain 49
  • https://d.adroll.com/cm/x/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://ib.adnxs.com/setuid?entity=172&code=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Request Chain 50
  • https://d.adroll.com/cm/l/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://idsync.rlcdn.com/377928.gif?partner_uid=58c06568e54daa5017be70de45e63ca0
Request Chain 51
  • https://d.adroll.com/cm/o/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=58c06568e54daa5017be70de45e63ca0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=58c06568e54daa5017be70de45e63ca0
Request Chain 52
  • https://d.adroll.com/cm/g/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL&google_nid=adroll5 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=WMBlaOVNqlAXvnDeReY8oA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=WMBlaOVNqlAXvnDeReY8oA&google_tc= HTTP 302
  • https://d.adroll.com/cm/g/in

57 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor...
r.daily1.finimize.com/mk/cl/f/ 		819 B
992 B 		Document
General
Check archive.org
Download Go to
Full URL
http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
Protocol
HTTP/1.1
Server
104.16.231.163 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0a5073d4902aaed93d90075adad2fc1f1cacc5ada462683b1c9104353c5ce1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

Host
r.daily1.finimize.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 13 Feb 2020 14:50:40 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=de6574f881f8377f3819b663babc217241581605440; expires=Sat, 14-Mar-20 14:50:40 GMT; path=/; domain=.r.daily1.finimize.com; HttpOnly; SameSite=Lax
X-Sib-Server
SENDINBLUE-red1-3
X-Content-Type-Options
nosniff
X-XSS-Protection
1
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
56479db18d64d905-AMS
Content-Encoding
gzip
cm.html
sibautomation.com/ Frame 9EEF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sibautomation.com/cm.html?id=2238669
Requested by
Host: r.daily1.finimize.com
URL: http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6818:6a67 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Sails <sailsjs.com>
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
sibautomation.com
:scheme
https
:path
/cm.html?id=2238669
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=df16adb97cec73d0da6e2ddaa708c04d81581605440; expires=Sat, 14-Mar-20 14:50:40 GMT; path=/; domain=.sibautomation.com; HttpOnly; SameSite=Lax
x-powered-by
Sails <sailsjs.com>
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-origin
*
x-sib-server
SENDINBLUE-web2-2
x-content-type-options
nosniff
x-xss-protection
1
cache-control
max-age=7200
cf-cache-status
HIT
age
26772
server
cloudflare
cf-ray
56479db20c5bd6b9-FRA
content-encoding
br
Primary Request contents-gb
start.hellogetsafe.com/en-gb/flows/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Requested by
Host: r.daily1.finimize.com
URL: http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deed1bcf5cc4ec33d2409aaeb6dc121bce2c8c770157a6d9587ab5f0fa93dc10

Request headers

:method
GET
:authority
start.hellogetsafe.com
:scheme
https
:path
/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
document
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
document
Referer
http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:40 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d9941acb3f212c7e4ce917ca6d033e6041581605440; expires=Sat, 14-Mar-20 14:50:40 GMT; path=/; domain=.hellogetsafe.com; HttpOnly; SameSite=Lax
last-modified
Fri, 07 Feb 2020 13:00:56 GMT
content-disposition
inline; filename="index.html"
vary
Accept-Encoding
via
1.1 vegur
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56479db2985ec26d-FRA
content-encoding
br
all.css
pro.fontawesome.com/releases/v5.0.9/css/ 		46 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pro.fontawesome.com/releases/v5.0.9/css/all.css
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
b51421bdb9eef54f18924ed0623f32639755d8e6049933a57440e2ff8416bca8

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 14:50:40 GMT
content-encoding
gzip
last-modified
Tue, 27 Mar 2018 21:26:28 GMT
access-control-allow-origin
*
etag
"236f2d067d76c707197173f1da70aad6"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1581605440.cds004.wa1.hn,1581605440.cds007.wa1.c
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
access-control-allow-methods
GET
accept-ranges
bytes
content-length
9756
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Intl,Array.prototype.find,Array.prototype.findIndex,Array.prototype.includes,localStorage,Number.isInteger,Number.parseFloat,Number.parseInt,Object.entries,Object.freeze,Object.values,Promise.prototype.finally,String.prototype.padEnd,String.prototype.padStart,String.prototype.repeat,console
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
3306349
normalized-user-agent
chrome/74.0.0
detected-user-agent
Chrome/74.0.3729
status
200
date
Thu, 13 Feb 2020 14:50:40 GMT
request_came_from_shield
FRA
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, MISS-CLUSTER, fastly;desc="Edge time";dur=12
content-length
126
referrer-policy
origin-when-cross-origin
etag
W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
vary
User-Agent, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
1.bundle.ecb5f115378d28f0d9f2.js
start.hellogetsafe.com/ 		667 KB
180 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cb97563ef0e4a1ae7a544ba7cadcf51d150f6b65923629775c5e6370931ec78

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

cf-ray
56479db3ab49c26d-FRA
date
Thu, 13 Feb 2020 14:50:40 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 13:00:56 GMT
server
cloudflare
age
1620
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
content-disposition
inline; filename="1.bundle.ecb5f115378d28f0d9f2.js"
content-encoding
br
bundle.ecb5f115378d28f0d9f2.js
start.hellogetsafe.com/ 		730 KB
340 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://start.hellogetsafe.com/bundle.ecb5f115378d28f0d9f2.js
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba73555f8128d6680af7b188a4321a4cc405f62b89175a614d67ba7b1f5d6cbf

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

cf-ray
56479db3ab4ac26d-FRA
date
Thu, 13 Feb 2020 14:50:40 GMT
via
1.1 vegur
cf-cache-status
HIT
last-modified
Fri, 07 Feb 2020 13:00:56 GMT
server
cloudflare
age
1620
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=14400
content-disposition
inline; filename="bundle.ecb5f115378d28f0d9f2.js"
content-encoding
br
gtm.js
www.googletagmanager.com/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PC7Z9R6&gtm_auth=i-5fz-MSrDrthm0rPzbiDA&gtm_preview=env-2&gtm_cookies_win=x
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cb41766ca6bd1c49c92648e21ddf07de879577bc71fdcfd13dd3ee91c63049cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:50:40 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
26191
x-xss-protection
0
pragma
no-cache
server
Google Tag Manager
vary
*
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 01 Jan 1990 00:00:00 GMT
polyfill.min.js
cdn.polyfill.io/v2/ 		222 B
196 B 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=default,Intl,Array.prototype.find,Array.prototype.findIndex,Array.prototype.includes,localStorage,Number.isInteger,Number.parseFloat,Number.parseInt,Object.entries,Object.freeze,Object.values,Promise.prototype.finally,String.prototype.padEnd,String.prototype.padStart,String.prototype.repeat,console
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.14.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
age
3306349
normalized-user-agent
chrome/74.0.0
detected-user-agent
Chrome/74.0.3729
status
200
date
Thu, 13 Feb 2020 14:50:40 GMT
request_came_from_shield
FRA
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT, fastly;desc="Edge time";dur=1
content-length
126
referrer-policy
origin-when-cross-origin
etag
W/"7e-Lg1mQtlDtrujPBTtidtsoNmOeEQ"
vary
User-Agent, Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
sentry.io/api/1225494/store/ 		41 B
430 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sentry.io/api/1225494/store/?sentry_version=7&sentry_client=raven-js%2F3.27.2&sentry_key=e14a1ffb5689457782bb13fe7ad87c20
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.188.42.15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
15.42.188.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8885a850f4da9f40f46e4d2e947dd8a6ce2b4a6a3acb38353fb3164421a1ef15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://start.hellogetsafe.com/
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Date
Thu, 13 Feb 2020 14:50:41 GMT
vary
Origin
Server
nginx
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
application/json
access-control-allow-origin
https://start.hellogetsafe.com
access-control-expose-headers
retry-after, x-sentry-error
x-envoy-upstream-service-time
1
Connection
keep-alive
Content-Length
41
analytics.min.js
cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/ 		402 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Requested by
Host: r.daily1.finimize.com
URL: http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.82.80 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-82-80.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f7f10a640ad30a483b66c56400ef8d8e55e8c1457c8afa65bb2e0a9ea93a396

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 00:31:16 GMT
content-encoding
gzip
x-amz-cf-pop
FRA2-C2
x-cache
RefreshHit from cloudfront
status
200
x-amz-replication-status
COMPLETED
content-length
81684
via
1.1 2f194b62c8c43859cbf5af8e53a8d2a7.cloudfront.net (CloudFront)
last-modified
Fri, 07 Feb 2020 17:20:11 GMT
server
AmazonS3
etag
"2735d39aa008bce7e38ef27e88bd72aa"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
_Eli6BF3PMScLLceJfNDgErkgijhLJIK
access-control-allow-origin
*
cache-control
public, max-age=300
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
x-amz-cf-id
1D1Z7fhESnuumniTvJttdhLdPpjfJmXwNXSqa0jxzgoS3zlbfEFKhQ==
obtp.js
amplify.outbrain.com/cp/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: r.daily1.finimize.com
URL: http://r.daily1.finimize.com/mk/cl/f/tr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-250-44.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 14:50:40 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 Jan 2020 07:28:40 GMT
Server
AkamaiNetStorage
ETag
"522e4451790939ca385c10f4b474de63:1578382119.826889"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2617
Expires
Thu, 13 Feb 2020 15:10:40 GMT
pixel
tr.outbrain.com/ 		43 B
333 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/pixel?marketerId=0038ad4f9912aad61f870afaf4fcc516bc&obApiVersion=1.1&obtpVersion=1.1.8&name=PAGE_VIEW&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&optOut=false&bust=05944416046503518
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 14:50:41 GMT
content-encoding
gzip
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
image/gif;
Cache-Control
no-cache
Connection
close
X-TraceId
eeb8ab572a9ad81e4aad0cafbb5208a9
Content-Length
60
pixel
amplifypixel.outbrain.com/ 		43 B
314 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amplifypixel.outbrain.com/pixel?mid=0038ad4f9912aad61f870afaf4fcc516bc&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&bust=006016181293253786
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains;

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Date
Thu, 13 Feb 2020 14:50:41 GMT
Cache-Control
no-cache
X-TraceId
7468f0439f46c8aef95781f1c0a46ca6
content-encoding
gzip
Content-Length
60
Strict-Transport-Security
max-age=0; includeSubDomains;
Content-Type
image/gif;
hotjar-1611643.js
static.hotjar.com/c/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1611643.js?sv=6
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.125 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress14
Software
/
Resource Hash
444bb16f4e9ad7989ab3d248c34afa639b7c464f0550ce4a81b5b642e739b095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript
section-io-tag
hotjar
age
57
status
200
access-control-max-age
600
section-io-cache
Hit
content-length
1737
x-cache-hit
1
x-frame-options
SAMEORIGIN
etag
W/2eb4257e2e5c2956db8405ff022e3763
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=60
section-io-origin-time-seconds
0.090
accept-ranges
bytes
section-io-id
2aced027295b16fd6a59f1de82072e04
section-origin-responded
true
p
api.segment.io/v1/ 		21 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.25.251.215 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-25-251-215.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:42 GMT
access-control-allow-origin
https://start.hellogetsafe.com
content-length
21
vary
Origin
content-type
application/json
fbevents.js
connect.facebook.net/en_US/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
+oGp0ko+ErbP+rJWl6PGElq56uqw8f8Cop0aFY9h0eVbZjDjbbY6kZ28qr/GRqr0Mgz6caJmysqkLQuoTwKhzQ==
x-fb-trip-id
1850256238
date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
track.js
assets.customer.io/assets/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.customer.io/assets/track.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.161.187.71 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
01043c5ebd1190e2c15d1e2f8104872bed151a4433293608f9ce9769c8a414ec

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
content-encoding
gzip
last-modified
Fri, 23 Feb 2018 20:42:03 GMT
server
NetDNA-cache/2.2
x-amz-request-id
B8C682829D03E8A4
etag
"03fd9f5696d2bdc77e15353eb29f141d"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
public, max-age=86400
accept-ranges
bytes
content-length
1431
x-amz-id-2
c3wXV4cSaNBC5iPsyzDBaFJ4Rrijhyx19HsjOAO/UkfPCBecaV3MfexAzRQ4TZqxNhoIYAEyDtk=
expires
Sat, 24 Feb 2018 20:42:01 GMT
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ 		72 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mxpnl.com/libs/mixpanel-2-latest.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1901:0:498c:: , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 12:52:06 GMT
content-encoding
gzip
age
7115
status
200
x-guploader-uploadid
AEnB2UqPdlRZlbTJsJxWX8LSt1NhGlQ9mobnP3WIBAmy10lsVYbgqQ76DDbqREkP2jiMG32xox6gz72AdabrkyAu79StDqVVaQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
clear
content-length
24310
last-modified
Wed, 05 Feb 2020 00:17:19 GMT
server
UploadServer
etag
"77f71aec224927ea65e55fb94c97632f"
vary
Accept-Encoding
x-goog-hash
crc32c=d/v9hw==, md5=d/ca7CJJJ+pl5V+5TJdjLw==
content-language
en
access-control-allow-origin
*
x-goog-generation
1580861839915277
cache-control
public,max-age=86400
x-goog-stored-content-length
24310
accept-ranges
bytes
content-type
text/javascript
expires
Fri, 14 Feb 2020 12:52:06 GMT
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
1029
date
Thu, 13 Feb 2020 14:33:32 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Thu, 13 Feb 2020 16:33:32 GMT
roundtrip.js
s.adroll.com/j/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/roundtrip.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
lfmGdNKg5RpvOV9rgmEkoYf4yRMYp92f
Content-Encoding
gzip
x-amz-request-id
CF2698AF4ECDBB0C
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 13 Feb 2020 14:50:41 GMT
Connection
keep-alive
Content-Length
10738
x-amz-id-2
XOPKCCC75hTreRBEowGrlWbCCdZ7Sq9AOTK9wflo/A42EY34c+mx3gheNXC+rUzATlHFDVwJg1E=
Last-Modified
Thu, 06 Feb 2020 22:47:39 GMT
Server
AmazonS3
ETag
"bdad36c9dcb5278bdd961fb364516719"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
bat.js
bat.bing.com/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:50:40 GMT
content-encoding
gzip
last-modified
Fri, 31 Jan 2020 21:01:31 GMT
x-msedge-ref
Ref A: 9976D76E7CB54C4F8305433FDDA8E7DF Ref B: FRAEDGE0419 Ref C: 2020-02-13T14:50:41Z
access-control-allow-origin
*
etag
"8087c39c79d8d51:0"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7295
insight.min.js
snap.licdn.com/li.lms-analytics/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/W5J8wzMyFLL57f6aEn4n13o6lavwADtt/analytics.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:39e::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Thu, 13 Feb 2020 14:50:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Oct 2019 16:41:31 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=80903
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1576
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
955 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:18:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1907
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
859
x-xss-protection
0
expires
Thu, 13 Feb 2020 15:18:54 GMT
116776285665689
connect.facebook.net/signals/config/ 		100 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/116776285665689?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d354735ba66978ce4f349e33b3bd64a2bf98a2f93d4a0f61e3a25da2e2d23570
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
25011
x-xss-protection
0
pragma
public
x-fb-debug
BBJ/ckPVkY7sHsDPnEnni6u46I+rK4iSvHN69NkMxpv1r/V0eRdSJDNkbwJzLq72aGZZt+pw7VgqPJcm81a1Pw==
x-fb-trip-id
1850256238
date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.a6ee02de5873aa236440.js
script.hotjar.com/ 		401 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.a6ee02de5873aa236440.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1611643.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.84.39 Parsippany, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
/
Resource Hash
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
content-encoding
br
content-type
application/javascript
age
2788
status
200
section-io-cache
Hit
content-length
71483
last-modified
Thu, 13 Feb 2020 14:00:36 GMT
etag
"a29cc766b3eae227e61b1b428741bb6c"
vary
Accept-Encoding
section-io-origin-status
200
access-control-allow-origin
*
cache-control
max-age=31536000
section-io-origin-time-seconds
0.089
accept-ranges
bytes
section-io-id
545d29dd44b5a1a4ba4695630f0e6554
section-origin-responded
true
index.js
s.adroll.com/j/exp/
Redirect Chain
  • https://s.adroll.com/j/exp/CFWGEAZVUFGT7GKI4GLGYL/index.js
  • https://s.adroll.com/j/exp/index.js
28 B
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/exp/index.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
Y8nS1mIzhBe8JEQvENARcyn9JPX.scLz
Content-Encoding
gzip
x-amz-request-id
E1C9941DB941DD1E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 13 Feb 2020 14:50:41 GMT
Connection
keep-alive
Content-Length
48
x-amz-id-2
lqt/Q3YwSp0JZGFSkK+nCWTAycdLPcPppTHD0vKT62G9CJJy1uY9PFVXzze6e8zRgmHtjNxi+Co=
Last-Modified
Thu, 06 Feb 2020 23:04:12 GMT
Server
AmazonS3
ETag
"5816cced8568d223aa09d889f300692b"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

Date
Thu, 13 Feb 2020 14:50:41 GMT
Server
AkamaiGHost
Access-Control-Allow-Origin
*
Access-Control-Max-Age
600
Access-Control-Allow-Methods
GET
Location
https://s.adroll.com/j/exp/index.js
Access-Control-Allow-Credentials
false
Connection
keep-alive
Access-Control-Allow-Headers
*
Content-Length
0
index.js
s.adroll.com/j/pre/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/ 		0
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/pre/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/index.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
WctrRuTuPw8bZ54QDrYwpe7fVwoGZxAv
Content-Encoding
gzip
x-amz-request-id
A94B1241919D80B6
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 13 Feb 2020 14:50:41 GMT
Connection
keep-alive
Content-Length
20
x-amz-id-2
2jwRX2RM5nYP4uzAAeVWuDATXj4X7WFUJG8YWFVraPS2/x1NxRVs/8f4u7fBCtEGI9d1FGcRT/U=
Last-Modified
Wed, 12 Feb 2020 19:06:00 GMT
Server
AmazonS3
ETag
"d41d8cd98f00b204e9800998ecf8427e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
d.adroll.com/consent/check/CFWGEAZVUFGT7GKI4GLGYL/
Redirect Chain
  • https://d.adroll.mgr.consensu.org/consent/iabcheck/CFWGEAZVUFGT7GKI4GLGYL?_s=cf3446411508083b78d779cd7238be46&_b=2
  • https://d.adroll.com/consent/check/CFWGEAZVUFGT7GKI4GLGYL/?_s=cf3446411508083b78d779cd7238be46&_b=2
115 B
582 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.adroll.com/consent/check/CFWGEAZVUFGT7GKI4GLGYL/?_s=cf3446411508083b78d779cd7238be46&_b=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
8c07b36c5000e949552abd9eb5315561e01888eeca2040157f0cb6dd607071e0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
application/javascript
content-length
115

Redirect headers

status
302
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
content-length
105
location
https://d.adroll.com/consent/check/CFWGEAZVUFGT7GKI4GLGYL/?_s=cf3446411508083b78d779cd7238be46&_b=2
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1384673619&t=pageview&_s=1&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZ...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_gid=2043775368.1581605442&gjid=1609328150&_v=j81&z=2017767950
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950&slf_rd=1&random=3725488156
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950&slf_rd=1&random=3725488156
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-106632927-1&cid=42890841.1581605442&jid=1934562043&_v=j81&z=2017767950&slf_rd=1&random=3725488156
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
api-js.mixpanel.com/decide/ 		65 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/decide/?verbose=1&version=1&lib=web&token=339137b2324989605724f4f9beba5b11&ip=1&_=1581605441605
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
gunicorn/19.9.0 /
Resource Hash
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
server
gunicorn/19.9.0
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://start.hellogetsafe.com
cache-control
no-cache, no-store
access-control-allow-credentials
true
alt-svc
clear
/
api-js.mixpanel.com/track/ 		1 B
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1581605441609
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://start.hellogetsafe.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
clear
content-length
1
/
api-js.mixpanel.com/track/ 		1 B
74 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?ip=1&_=1581605441611
Requested by
Host: start.hellogetsafe.com
URL: https://start.hellogetsafe.com/1.bundle.ecb5f115378d28f0d9f2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
130.211.34.183 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
183.34.211.130.bc.googleusercontent.com
Software
envoy /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
Origin
https://start.hellogetsafe.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
status
200
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://start.hellogetsafe.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
10
alt-svc
clear
content-length
1
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffil...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D120050%26url%3Dhttps%253A%252F%252Fstart.hellogetsafe.com%252Fen-gb%252Fflows%252...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffil...
0
80 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&time=1581605441614&liSync=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 13 Feb 2020 14:50:42 GMT
server
Play
linkedin-action
1
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
0
x-li-uuid
tx7ND8X98hUQklQ2PisAAA==

Redirect headers

date
Thu, 13 Feb 2020 14:50:41 GMT
x-content-type-options
nosniff
linkedin-action
1
status
302
strict-transport-security
max-age=2592000
content-length
0
x-li-uuid
VsdnBMX98hWAUF5l7ioAAA==
server
Play
pragma
no-cache
x-li-pop
prod-efr5
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-frame-options
sameorigin
x-li-fabric
prod-lor1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=120050&url=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&time=1581605441614&liSync=true
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri https://www.linkedin.com/platform-telemetry/csp?f=l
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
0
bat.bing.com/action/ 		0
93 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=25060265&Ver=2&mid=3b8f731e-6d0c-5576-00d9-1a522bbc4909&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&p=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&r=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&lt=431&evt=pageLoad&msclkid=N&rn=74474
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

status
204
pragma
no-cache
date
Thu, 13 Feb 2020 14:50:40 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: F67BD81C9EE04B1F80B9BB2AF987E8E0 Ref B: FRAEDGE0419 Ref C: 2020-02-13T14:50:41Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
261 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=116776285665689&ev=PageView&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&rl=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&if=false&ts=1581605441623&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=28&fbp=fb.1.1581605441622.1042031361&it=1581605441587&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 13 Feb 2020 14:50:41 GMT
box-469cf41adb11dc78be68c1ae7f9457a4.html
vars.hotjar.com/ Frame 614C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-469cf41adb11dc78be68c1ae7f9457a4.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1611643.js?sv=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.75.32.13 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
pkt-ams-k2-shared-ingress9
Software
/
Resource Hash

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-469cf41adb11dc78be68c1ae7f9457a4.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:41 GMT
content-type
text/html
content-length
851
last-modified
Wed, 29 Jan 2020 12:33:12 GMT
etag
"d594f1d4c3e5dbd6b556c60d34e0daea"
cache-control
max-age=31536000
content-encoding
br
section-io-origin-status
200
section-io-origin-time-seconds
0.082
section-origin-responded
true
age
1304064
vary
Accept-Encoding
section-io-cache
Hit
accept-ranges
bytes
section-io-id
67fcf0a2dbe39152ecbd7b81fc3a967e
I6YBXAZJFZDJRMGMTJ54ES.js
s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/
Redirect Chain
  • https://d.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&pv=96312422476.96017&cookie=&keyw=&arrfrr=https%3A%2F%2Fs...
  • https://s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/I6YBXAZJFZDJRMGMTJ54ES.js
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/I6YBXAZJFZDJRMGMTJ54ES.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c19b3b50fe7c1255d06662a284f011261e76876e6821d0cde44b85ffddd62bde

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-version-id
vmXXK7Y.8v9SYCrdXU0RYkxKNW0M_uwJ
Content-Encoding
gzip
x-amz-request-id
D06A99800309FD6A
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 13 Feb 2020 14:50:41 GMT
Connection
keep-alive
Content-Length
1558
x-amz-id-2
tw/j/hXm9izogyQcCIicN1rCeiWRZSgP25g3C6iK1pJxruCJzrUgTm4pMnINOlJreYbDAJYzwd4=
Last-Modified
Tue, 04 Feb 2020 01:58:45 GMT
Server
AmazonS3
ETag
"e04e833455dddb76d8f448edaad81356"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600, must-revalidate
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*

Redirect headers

date
Thu, 13 Feb 2020 14:50:41 GMT
x-segment-display-name
Visitors to Unsegmented Pages
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
content-length
0
pragma
no-cache
x-conversion-value
0.00
server
nginx/1.16.1
x-rule
*
x-segment-eid
I6YBXAZJFZDJRMGMTJ54ES
location
https://s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/I6YBXAZJFZDJRMGMTJ54ES.js
cache-control
no-store, no-cache, must-revalidate
x-pixel-eid
G37WQUJSGJA3XKQUOI5BGJ
x-segment-name
*
x-advertisable-eid
CFWGEAZVUFGT7GKI4GLGYL
x-conversion-currency
EUR
page.gif
track.customer.io/events/ 		36 B
211 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&data%5Bpath%5D=%2Fen-gb%2Fflows%2Fcontents-gb&data%5Breferrer%5D=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&data%5Bsearch%5D=%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&data%5Btitle%5D=&data%5Burl%5D=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&s=9585e257-c64a-a969-87b2-2ad6c9de626a&c=&site_id=7410f73df1cb4589a779&timestamp=1581605441717
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.225.220 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c81b7e9e73c457ba64106f312dade57cfe8ad02ef7b9751c8b6d73a6288f4009

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
content-type
image/gif
status
200, 200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
clear
content-length
36
sendrolling.js
s.adroll.com/j/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.adroll.com/j/sendrolling.js
Requested by
Host: s.adroll.com
URL: https://s.adroll.com/pixel/CFWGEAZVUFGT7GKI4GLGYL/G37WQUJSGJA3XKQUOI5BGJ/I6YBXAZJFZDJRMGMTJ54ES.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.248.216 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-248-216.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

x-amz-version-id
NM.EHVfGEDu2TYFqb1osrv1zRII373EC
Content-Encoding
gzip
x-amz-request-id
D373BDDB893E575E
x-amz-server-side-encryption
AES256
Access-Control-Max-Age
600
Date
Thu, 13 Feb 2020 14:50:41 GMT
Connection
keep-alive
Content-Length
2039
x-amz-id-2
XqO1wRxhQLE4QFFRqtF9/83wFF4kohDuQitS60oDt2WfBKh8tJ7/oV8RacTG09xzkB1mcIYtrnQ=
Last-Modified
Mon, 03 Feb 2020 20:32:06 GMT
Server
AmazonS3
ETag
"15441b08d0c4f93b1dd5f533cd361cd8"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Access-Control-Allow-Credentials
false
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
372604573425674
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/372604573425674?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
020e63a134114794fc4cc7a58634b89eb714d60009ba18541a4030741530e6aa
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
114917
x-xss-protection
0
pragma
public
x-fb-debug
MGM3BebIwsH0eyT0r8BoAS08TK/i6uXI/Qt168UfMnjb/zxxPKvbuN6TBVoADL88nxMrGVPQX6hwItlW9P8dCQ==
x-fb-trip-id
1850256238
date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires
Sat, 01 Jan 2000 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55980/
Redirect Chain
  • https://d.adroll.com/cm/aol/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://pixel.advertising.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://pixel.advertising.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&verify=true
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-02...
  • https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-02...
0
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-029abc142158&verify=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.71.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-71-125.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 13 Feb 2020 14:50:41 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

status
302
date
Thu, 13 Feb 2020 14:50:41 GMT
strict-transport-security
max-age=31536000
content-length
0
location
https://ups.analytics.yahoo.com/ups/55980/sync?uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&_origin=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA&apid=UP34d41825-4e70-11ea-8d67-029abc142158&verify=true
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://d.adroll.com/cm/index/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441&C=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-210-249-164.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 14:50:41 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 13 Feb 2020 14:50:41 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 14:50:41 GMT
Server
Apache
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=105&external_user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expiration=1613141441&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
333
Expires
Thu, 13 Feb 2020 14:50:41 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://d.adroll.com/cm/n/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expires=365
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expires=365
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
image/gif
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
location
https://pixel.rubiconproject.com/tap.php?v=194538&nid=3644&put=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&expires=365
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
124
cookie-sync
sync.outbrain.com/
Redirect Chain
  • https://d.adroll.com/cm/outbrain/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
  • https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&rdrctExp=true
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&rdrctExp=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-TraceId
1018e9fdfcb8550a2df3690b473fa3b8
Date
Thu, 13 Feb 2020 14:50:42 GMT
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/cookie-sync?p=adroll&uid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&rdrctExp=true
Date
Thu, 13 Feb 2020 14:50:42 GMT
X-TraceId
5f2bacd6858054aac0361ba264d9fd95
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/
Redirect Chain
  • https://d.adroll.com/cm/pubmatic/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENA...
1 B
886 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 14:50:41 GMT
X-lat
Pug22044:0:426
Server
Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Cache-Control
no-store, no-cache, private
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
X-Cnection
close
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMwNiZ0bD01MjU2MDA&piggybackCookie=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&gdpr=1&gdpr_consent=BOOoKswOOoKswA2ABBENAkwAAAAXyACACYAIIA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
220
in
d.adroll.com/cm/r/
Redirect Chain
  • https://d.adroll.com/cm/r/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://ads.yahoo.com/cms/v1?esig=1~bf4e7dc4546a90c08591652d78a230d3f2ef5733&nwid=10001032567&sigv=1&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
  • https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
42 B
499 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42

Redirect headers

date
Thu, 13 Feb 2020 14:50:41 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
location
https://d.adroll.com/cm/r/in?xid=E0&gdpr=1&gdpr_consent=BOOla_OOOla_OA2ABBENAkwAAAAXyACAAyAIIA
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
status
302
x-content-type-options
nosniff
content-length
0
x-xss-protection
1; mode=block
/
trc.taboola.com/sg/adroll-network/1/rtb-h/
Redirect Chain
  • https://d.adroll.com/cm/taboola/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
0
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.2 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-vcl-time-ms
19
date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 varnish
server
nginx
x-timer
S1581605442.832734,VS0,VE19
x-served-by
cache-hhn4035-HHN
x-cache
MISS
status
204
accept-ranges
bytes
x-cache-hits
0

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
location
https://trc.taboola.com/sg/adroll-network/1/rtb-h/?taboola_hm=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
111
xuid
eb2.3lift.com/
Redirect Chain
  • https://d.adroll.com/cm/triplelift/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://eb2.3lift.com/xuid?mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e
  • https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
37 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.121.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-121-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
37
content-type
image/gif

Redirect headers

status
302
date
Thu, 13 Feb 2020 14:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
/xuid?ld=1&mid=4714&xuid=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA&dongle=c85e&gdpr=1&cmp_cs=&us_privacy=
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
x.bidswitch.net/ul_cb/
Redirect Chain
  • https://d.adroll.com/cm/b/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://x.bidswitch.net/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.242.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-242-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Thu, 13 Feb 2020 14:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
content-length
43
content-type
image/gif

Redirect headers

status
302
date
Thu, 13 Feb 2020 14:50:41 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
location
https://x.bidswitch.net/ul_cb/sync?dsp_id=44&user_id=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
setuid
ib.adnxs.com/
Redirect Chain
  • https://d.adroll.com/cm/x/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://ib.adnxs.com/setuid?entity=172&code=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
43 B
887 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=172&code=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.218 , Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
313.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Feb 2020 14:50:43 GMT
AN-X-Request-Uuid
5e66d816-a8b7-40ac-a9bc-ef63c9fd0edf
Content-Type
image/gif
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
83.143.245.68; 83.143.245.68; 313.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.70:80
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
location
https://ib.adnxs.com/setuid?entity=172&code=NThjMDY1NjhlNTRkYWE1MDE3YmU3MGRlNDVlNjNjYTA
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
93
377928.gif
idsync.rlcdn.com/
Redirect Chain
  • https://d.adroll.com/cm/l/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://idsync.rlcdn.com/377928.gif?partner_uid=58c06568e54daa5017be70de45e63ca0
0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/377928.gif?partner_uid=58c06568e54daa5017be70de45e63ca0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.190.72.21 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
21.72.190.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
alt-svc
clear

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
location
https://idsync.rlcdn.com/377928.gif?partner_uid=58c06568e54daa5017be70de45e63ca0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
302
cache-control
no-store, no-cache, must-revalidate
content-length
86
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://d.adroll.com/cm/o/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL
  • https://us-u.openx.net/w/1.0/sd?id=537103138&val=58c06568e54daa5017be70de45e63ca0
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=58c06568e54daa5017be70de45e63ca0
43 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=58c06568e54daa5017be70de45e63ca0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
147.120.95.34.bc.googleusercontent.com
Software
OXGW/16.174.5 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
server
OXGW/16.174.5
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
status
200
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
server
OXGW/16.174.5
location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537103138&val=58c06568e54daa5017be70de45e63ca0
p3p
CP="CUR ADM OUR NOR STA NID"
status
302
alt-svc
clear
content-length
0
in
d.adroll.com/cm/g/
Redirect Chain
  • https://d.adroll.com/cm/g/out?adroll_fpc=4371affb48ec8568e273fcad3f2998a1-1581605441675&xid_ch=f&advertisable=CFWGEAZVUFGT7GKI4GLGYL&google_nid=adroll5
  • https://cm.g.doubleclick.net/pixel?google_sc&google_nid=artb&google_hm=WMBlaOVNqlAXvnDeReY8oA
  • https://cm.g.doubleclick.net/pixel?google_sc=&google_nid=artb&google_hm=WMBlaOVNqlAXvnDeReY8oA&google_tc=
  • https://d.adroll.com/cm/g/in
42 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/g/in
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.28.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-28-111.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
nginx/1.16.1
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
status
200
cache-control
no-store, no-cache, must-revalidate
content-type
image/gif
content-length
42
x-result
g.-1.-1.-1

Redirect headers

pragma
no-cache
date
Thu, 13 Feb 2020 14:50:41 GMT
server
HTTP server (unknown)
location
https://d.adroll.com/cm/g/in
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
302
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
225
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=116776285665689&ev=PageView&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&rl=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&if=false&ts=1581605441761&cd[segment_eid]=I6YBXAZJFZDJRMGMTJ54ES&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=1&o=28&fbp=fb.1.1581605441622.1042031361&it=1581605441587&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 13 Feb 2020 14:50:41 GMT
/
www.facebook.com/tr/ 		44 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=372604573425674&ev=PageView&dl=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&rl=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&if=false&ts=1581605441762&cd[segment_eid]=I6YBXAZJFZDJRMGMTJ54ES&sw=1600&sh=1200&v=2.9.15&r=stable&a=seg&ec=0&o=29&fbp=fb.1.1581605441622.1042031361&it=1581605441587&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT, Thu, 13 Feb 2020 14:50:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Thu, 13 Feb 2020 14:50:41 GMT
page.gif
track.customer.io/events/ 		36 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.customer.io/events/page.gif?name=https%3A%2F%2Fstart.hellogetsafe.com%2Fen-gb%2Fflows%2Fcontents-gb%3Fcampaign%3Dukcontents20%26coupon%3DFINIMIZE20%26utm_source%3Daffiliate%26utm_campaign%3Dgrouponuk20200210&data%5Bwidth%5D=1600&data%5Bheight%5D=1200&data%5Breferrer%5D=http%3A%2F%2Fr.daily1.finimize.com%2Fmk%2Fcl%2Ff%2Ftr4nAAMgO4TkhTb1OjizhCBSl4zu5WVOjRJg8BxqPWewNQ0jrvF9AEWiDvhYKR7TjRrkdQrWiFHXkXAEBSTeXlKlSCO4aWD0v0Nv-qkV-Ocp1v3TQ4l7KqHlHsaWnIHPuz-jfL-bxF9tahktSnoY7SFAiA5AeOmJMgV8AyBvbBHMmc7GLX32_qeLH_2G-7put4mor3LPmmwZxBo3RP8gPODUUAaKZrfc79UY_SpyXO21-Ua6-b_4PAS0cklKT9vzOLxHe8aZ8OSsfArTUMtt-xKZYiMp3vYymfXCXRo4lFYFHlKqSTIBKHNh1GTlqT-_Kq1ppWx-gRztijnAMwiiSJ1vHLtTElWUkog&s=9585e257-c64a-a969-87b2-2ad6c9de626a&c=&site_id=7410f73df1cb4589a779&timestamp=1581605441766
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.227.225.220 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
220.225.227.35.bc.googleusercontent.com
Software
/
Resource Hash
c81b7e9e73c457ba64106f312dade57cfe8ad02ef7b9751c8b6d73a6288f4009

Request headers

Referer
https://start.hellogetsafe.com/en-gb/flows/contents-gb?campaign=ukcontents20&coupon=FINIMIZE20&utm_source=affiliate&utm_campaign=grouponuk20200210
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Thu, 13 Feb 2020 14:50:41 GMT
via
1.1 google
content-type
image/gif
status
200, 200 OK
cache-control
no-cache, no-store, must-revalidate, max-age=0
content-transfer-encoding
binary
content-disposition
attachment
alt-svc
clear
content-length
36

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| dataLayer object| webpackJsonp object| regeneratorRuntime object| getsafe object| google_tag_manager object| analytics function| obApi function| _fbq function| fbq object| _cio object| mixpanel string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id boolean| __adroll_loaded object| uetq string| _linkedin_data_partner_id object| _hjSelf function| hj object| _hjSettings function| normalize object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks undefined| adroll_tpc_callback function| lintrk boolean| _already_called_lintrk function| UET boolean| __adroll_consent boolean| __adroll_consent_is_gdpr object| __adroll_consent_data string| __adroll_consent_user_country string| __adroll_consent_adv_country number| adroll_xavier_called number| __adroll_xid_ch object| adroll_currency object| adroll_conversion_value object| adroll_conversion_value_in_dollars number| c_start number| c_end boolean| adroll_sendrolling_hashed_only object| adroll_exp_list

1 Cookies

Domain/Path Name / Value
.hellogetsafe.com/ Name: __cfduid
Value: d9941acb3f212c7e4ce917ca6d033e6041581605440

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
amplify.outbrain.com
amplifypixel.outbrain.com
api-js.mixpanel.com
api.segment.io
assets.customer.io
bat.bing.com
cdn.mxpnl.com
cdn.polyfill.io
cdn.segment.com
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d.adroll.mgr.consensu.org
dsum-sec.casalemedia.com
eb2.3lift.com
ib.adnxs.com
idsync.rlcdn.com
pixel.advertising.com
pixel.rubiconproject.com
pro.fontawesome.com
px.ads.linkedin.com
r.daily1.finimize.com
s.adroll.com
script.hotjar.com
sentry.io
sibautomation.com
simage2.pubmatic.com
snap.licdn.com
start.hellogetsafe.com
static.hotjar.com
stats.g.doubleclick.net
sync.outbrain.com
tr.outbrain.com
track.customer.io
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.linkedin.com
x.bidswitch.net
104.16.231.163
108.161.187.71
13.225.82.80
130.211.34.183
147.75.32.125
147.75.32.13
147.75.84.39
151.101.114.2
151.101.14.109
151.139.128.10
172.217.16.162
185.33.223.218
185.64.189.110
23.210.248.216
23.210.249.164
23.210.250.44
2600:1901:0:498c::
2606:4700:20::681a:9a1
2606:4700:3031::6818:6a67
2620:1ec:c11::200
2a00:1288:f03d:1fa::4000
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:820::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9a
2a02:26f0:10c:39e::25ea
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:f500:10:101::b93f:9101
2a05:f500:11:101::b93f:9005
3.248.28.111
34.95.120.147
35.156.71.125
35.157.121.171
35.188.42.15
35.190.72.21
35.227.225.220
52.25.251.215
52.57.242.37
52.58.138.174
69.173.144.165
70.42.32.31
01043c5ebd1190e2c15d1e2f8104872bed151a4433293608f9ce9769c8a414ec
020e63a134114794fc4cc7a58634b89eb714d60009ba18541a4030741530e6aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
18193705ab98d0aa0d38c44621932f9599495d8e708fc41afb7ef892ab0895ae
1bdbcee5cd776cb671f72362db4be8dde833057b8e8f816c86fd301896652c8d
1f7f10a640ad30a483b66c56400ef8d8e55e8c1457c8afa65bb2e0a9ea93a396
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
41dd5e421fe221a7d2921d6fa2b36e8b01a9f2c054aaef5fad866fe896c1d1e0
444bb16f4e9ad7989ab3d248c34afa639b7c464f0550ce4a81b5b642e739b095
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51b93d3a0f08a7a996cd669bae8b086be6a590d49f18406716c495f8f339a5aa
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58d77ce036eb42499cd5b4d8518fb35778bce4975275c4aa676d3347e6996df9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5cb97563ef0e4a1ae7a544ba7cadcf51d150f6b65923629775c5e6370931ec78
5fcb16854bcf34558fc9100ea313b2f61a3394ca23e65719553f09c902b2476e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
8885a850f4da9f40f46e4d2e947dd8a6ce2b4a6a3acb38353fb3164421a1ef15
89b531e78902333807b825faf77cd11cc927fe364ea2ba9307f65365f7e811f7
8bd397636ecd49c36d687ad591807ea5ee621b1e11888657827902a5003fc4bb
8c07b36c5000e949552abd9eb5315561e01888eeca2040157f0cb6dd607071e0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b51421bdb9eef54f18924ed0623f32639755d8e6049933a57440e2ff8416bca8
ba73555f8128d6680af7b188a4321a4cc405f62b89175a614d67ba7b1f5d6cbf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0a5073d4902aaed93d90075adad2fc1f1cacc5ada462683b1c9104353c5ce1c
c19b3b50fe7c1255d06662a284f011261e76876e6821d0cde44b85ffddd62bde
c81b7e9e73c457ba64106f312dade57cfe8ad02ef7b9751c8b6d73a6288f4009
cae897bdde94867960ad284a56b1631296eaceddf5710a2857127ca0aa2777d3
cb41766ca6bd1c49c92648e21ddf07de879577bc71fdcfd13dd3ee91c63049cb
d354735ba66978ce4f349e33b3bd64a2bf98a2f93d4a0f61e3a25da2e2d23570
deed1bcf5cc4ec33d2409aaeb6dc121bce2c8c770157a6d9587ab5f0fa93dc10
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52