go.safelyembodied.com Open in urlscan Pro
34.196.123.147 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.safelyembodied.safelyembodiedforum.com/
Effective URL:
https://go.safelyembodied.com/sf/6d2a4217
Submission: On February 18 via automatic, source certstream-suspicious (February 18th 2020, 8:26:49 am UTC)

Summary HTTP 61 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 14 domains to perform 61 HTTP transactions. The main IP is 34.196.123.147, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is go.safelyembodied.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on January 22nd 2020. Valid for: 3 months.

This is the only time go.safelyembodied.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	69.195.69.120 69.195.69.120	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
6	34.196.123.147 34.196.123.147	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE)
8	2600:9000:21f... 2600:9000:21f3:3200:f:c772:f080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a04:4e42:200... 2a04:4e42:200::729	54113 (FASTLY) (FASTLY)
6	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	35.169.45.136 35.169.45.136	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:816::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:925b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	143.204.101.39 143.204.101.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	52.42.233.42 52.42.233.42	16509 (AMAZON-02) (AMAZON-02)
9	2600:9000:215... 2600:9000:2156:c600:8:19e3:a500:21	16509 (AMAZON-02) (AMAZON-02)
61	15

1 69.195.69.120 (Provo, United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 69-195-69-120.unifiedlayer.com

www.safelyembodied.safelyembodiedforum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.196.123.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-196-123-147.compute-1.amazonaws.com

go.safelyembodied.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21f3:3200:f:c772:f080:93a1 (United States)

ASN16509 (AMAZON-02, US)

d308fhmgxc52gy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::729 (Ascension Island)

ASN54113 (FASTLY, US)

browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.169.45.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-45-136.compute-1.amazonaws.com

api.bucket.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:816::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:925b (United States)

ASN13335 (CLOUDFLARENET, US)

diffuser-cdn.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
prism.app-us1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.101.39 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-39.fra50.r.cloudfront.net

cdn.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.42.233.42 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-42-233-42.us-west-2.compute.amazonaws.com

track.funnelytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2156:c600:8:19e3:a500:21 (United States)

ASN16509 (AMAZON-02, US)

d1wssizvfpltp0.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	cloudfront.net d308fhmgxc52gy.cloudfront.net d1wssizvfpltp0.cloudfront.net	1 MB
7	funnelytics.io cdn.funnelytics.io track.funnelytics.io	5 KB
6	bucket.io api.bucket.io	94 KB
6	facebook.net connect.facebook.net	264 KB
6	safelyembodied.com go.safelyembodied.com	34 KB
4	gstatic.com fonts.gstatic.com	91 KB
4	googleapis.com fonts.googleapis.com	5 KB
2	facebook.com www.facebook.com	496 B
2	google-analytics.com www.google-analytics.com	18 KB
2	app-us1.com diffuser-cdn.app-us1.com prism.app-us1.com	33 KB
2	googlesyndication.com pagead2.googlesyndication.com	128 KB
2	sentry-cdn.com browser.sentry-cdn.com	45 KB
1	googletagmanager.com www.googletagmanager.com	28 KB
1	safelyembodiedforum.com 1 redirects www.safelyembodied.safelyembodiedforum.com	214 B
61	14

	Domain	Requested by
9	d1wssizvfpltp0.cloudfront.net
8	d308fhmgxc52gy.cloudfront.net	go.safelyembodied.com
6	track.funnelytics.io	cdn.funnelytics.io
6	api.bucket.io	d308fhmgxc52gy.cloudfront.net
6	connect.facebook.net	go.safelyembodied.com connect.facebook.net
6	go.safelyembodied.com	go.safelyembodied.com d308fhmgxc52gy.cloudfront.net
4	fonts.gstatic.com	d308fhmgxc52gy.cloudfront.net
4	fonts.googleapis.com	go.safelyembodied.com
2	www.facebook.com
2	www.google-analytics.com	www.googletagmanager.com
2	pagead2.googlesyndication.com	go.safelyembodied.com
2	browser.sentry-cdn.com	go.safelyembodied.com
1	prism.app-us1.com	diffuser-cdn.app-us1.com
1	cdn.funnelytics.io	go.safelyembodied.com
1	diffuser-cdn.app-us1.com	go.safelyembodied.com
1	www.googletagmanager.com	d308fhmgxc52gy.cloudfront.net
1	www.safelyembodied.safelyembodiedforum.com	1 redirects
61	17

This site contains links to these domains. Also see Links.

Domain
dfay.com

Subject Issuer	Validity	Valid
go.safelyembodied.com Let's Encrypt Authority X3	`2020-01-22` - `2020-04-21`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2019-07-17` - `2020-07-05`	a year	crt.sh
v2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-02-05` - `2021-02-05`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-01-16` - `2020-04-15`	3 months	crt.sh
*.bucket.io Amazon	`2019-04-01` - `2020-05-01`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-02-12` - `2020-05-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-29` - `2020-04-22`	3 months	crt.sh
ssl861457.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-09-17` - `2020-03-25`	6 months	crt.sh
*.funnelytics.io Amazon	`2020-02-06` - `2021-03-06`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://go.safelyembodied.com/sf/6d2a4217
Frame ID: 41B7CCB0D68DBAB46355CB46C3055715
Requests: 61 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.safelyembodied.safelyembodiedforum.com/ HTTP 301
https://go.safelyembodied.com/ab/ef50b551 Page URL
https://go.safelyembodied.com/sf/6d2a4217 Page URL

Detected technologies

Ubuntu (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Ubuntu/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

61
Requests

100 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

2148 kB
Transfer

4980 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://dfay.com/about
Title: ABOUT US

Search URL Search Domain Scan URL

URL: https://dfay.com/terms-of-service
Title: TERMS OF SERVICE

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.safelyembodied.safelyembodiedforum.com/ HTTP 301
https://go.safelyembodied.com/ab/ef50b551 Page URL
https://go.safelyembodied.com/sf/6d2a4217 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.safelyembodied.safelyembodiedforum.com/ HTTP 301
https://go.safelyembodied.com/ab/ef50b551

61 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

ef50b551 Show response
go.safelyembodied.com/ab/
Redirect Chain

https://www.safelyembodied.safelyembodiedforum.com/
https://go.safelyembodied.com/ab/ef50b551

4 KB
2 KB

582ms
103ms

Document
text/html

34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: da3f9479a0d2e64d63f63054b5b560dc2dfdfcd93e797d3773c3129f4d8639a1

Request headers

Host: go.safelyembodied.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Feb 2020 08:26:33 GMT
Content-Type: text/html
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

Redirect headers

status: 301
server: nginx/1.14.1
date: Tue, 18 Feb 2020 08:26:32 GMT
content-type: text/html; charset=UTF-8
x-redirect-by: redirection
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
location: https://go.safelyembodied.com/ab/ef50b551
x-server-cache: false

GET
H2 200 icon
fonts.googleapis.com/ 574 B
468 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 08:26:33 GMT
server: ESF
date: Tue, 18 Feb 2020 08:26:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 08:26:33 GMT

GET
H/1.1 200
OK lib-2b31e73a50.css
d308fhmgxc52gy.cloudfront.net/style/ 111 KB
19 KB 48ms
6ms Stylesheet
text/css 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/style/lib-2b31e73a50.css
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 688bb8107c7846f1ef4a06a367d15dd5a62db87b1ba6269d78125c2778b02ab1

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 08:41:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 102374
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: zm0RCfPL6f_X29KLFbGWAnDGa9F_ASFMyEzGYqcNLXo7ryXvmA9bfg==

GET
H/1.1 200
OK app-9fab0e11a2.css
d308fhmgxc52gy.cloudfront.net/style/ 89 KB
13 KB 49ms
7ms Stylesheet
text/css 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/style/app-9fab0e11a2.css
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 053af57ac3cb099c90a8da68ea8bb911144e0797e4e3aa834cfa7c15e4d0f757

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 12:27:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 112459
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: z51rmOtSu28Cu_e8_7G1FE8JYQ9OtG02Orvzrm5dwOg9T4h-eZ8AHw==

GET
H/1.1 200
OK round-warning-24px.svg
go.safelyembodied.com/images/ 888 B
1 KB 105ms
103ms Image
image/svg+xml 34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.safelyembodied.com/images/round-warning-24px.svg
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d3d8cd0e7252f23d7e9e907842ed3c3929b37c2eb3a6d7ba5ac2fe66ec63cdc0

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 08:26:33 GMT
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5e1f7168-378"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 888

GET
H/1.1 200
OK lib-e23fd70a58.js Show response
d308fhmgxc52gy.cloudfront.net/js/ 911 KB
280 KB 49ms
7ms Script
application/x-javascript 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 0a1c9f15c780944c6a41f4a25ba47fdc46fc9c91c227ab59de40dd013bb564c8

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 112459
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: wPZPQVNDSTydCZ3pNYd-_mujXQyKf-FB0CGRCB3z-DwABLx6U-pVtg==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.6.3/ 71 KB
22 KB 24ms
6ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.6.3/bundle.min.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5e9f28d921e0c30f10893f0c20faa7e125c5ec12099d31bfa1018133717fb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 08:26:33 GMT
content-encoding: gzip
last-modified: Wed, 20 Feb 2019 14:17:11 GMT
server: Fastly
age: 7683943
etag: "81b0a795cafb793e28e4bfccec591417"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22654
expires: Fri, 20 Nov 2020 10:00:49 GMT

GET
H/1.1 200
OK app-d5fc5d9016.js Show response
d308fhmgxc52gy.cloudfront.net/js/ 153 KB
28 KB 49ms
7ms Script
application/x-javascript 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/js/app-d5fc5d9016.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 7e2158088df5ca8d6ed27833077926e4f191fbd340944c2870f1fae7bbac4e26

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 103698
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: 6qAFubAlt_hXE0S9RB8VO6IzvGOerQxOCnTqiDhZZCPVXbcZ0ikcag==

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 18ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e68f621695aaddd26d597eaabb103b0ec53e8ed9ed7c42369f26bf43a1aad9a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 08:26:33 GMT
server: ESF
date: Tue, 18 Feb 2020 08:26:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 08:26:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 19ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b391a4d60f8c792042324de462d8033450257d7e60669821f6a300afabae68a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: d2HeS1/DRc9l0sF+50WEwQ==
status: 200
date: Tue, 18 Feb 2020 08:26:33 GMT, Tue, 18 Feb 2020 08:26:33 GMT
expires: Tue, 18 Feb 2020 08:42:52 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1780
x-fb-debug: Se3E/rQJth4uvqAqvIi1LLEgIxkUlw+I5jaCt+z5/Xfljbvm2t3B7DP65MyWuziOsF/anraRpDZuBS6X1DLL0w==
x-fb-trip-id: 1850256238
x-fb-content-md5: 46c257ca74d5aef72b5eb769790826a1
etag: "bb236bb00c2e64979b508cb824a0753e"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 /
api.bucket.io/v1/outputs/ef50b551/ 96 B
941 B 373ms
136ms XHR
application/json 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bucket.io/v1/outputs/ef50b551/?t=ab

Requested by

Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-45-136.compute-1.amazonaws.com

Software

nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.safelyembodied.com/ab/ef50b551
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 08:26:33 GMT
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.3.1
status: 200, 200 OK
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 62995b61-328a-4295-b658-3e26df1a2912
x-runtime: 0.030047
server: nginx/1.14.0 + Phusion Passenger 5.3.1
x-frame-options: SAMEORIGIN
etag: W/"3b8f42d9f9238351aaa6b2697dc1793d"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.safelyembodied.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 64 KB
64 KB 21ms
21ms Image
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 08:26:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38680
x-xss-protection: 0
server: cafe
etag: 1127200816610504835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Feb 2020 08:26:33 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
59 KB 17ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=549cf609506077653025116fcac274eb&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7dbcf8d75f71e4da315c9fbb35d022b25dec8861bb1111d87192f8eadfd8a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go.safelyembodied.com/ab/ef50b551
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nUvSfJ4H5OYO+prE8F8n9g==
status: 200
date: Tue, 18 Feb 2020 08:26:33 GMT, Tue, 18 Feb 2020 08:26:33 GMT
expires: Wed, 17 Feb 2021 07:29:32 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59543
x-fb-debug: JWIfAwbD2qCE6vUzGSUz5v62anQlOa0lDm5eYDvfspYrmcDQBAydKrtxhZ+RvdnDSbHJDeR8Mx6GJSjboNH+Hw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 22eb8f9f7bbeb2cda07a591f92242672
etag: "9c8672fcdedf61a3db985a20dedec3fa"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H/1.1 200
OK Primary Request 6d2a4217 Show response
go.safelyembodied.com/sf/ 4 KB
2 KB 104ms
103ms Document
text/html 34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go.safelyembodied.com/sf/6d2a4217
Requested by: Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/app-d5fc5d9016.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: da3f9479a0d2e64d63f63054b5b560dc2dfdfcd93e797d3773c3129f4d8639a1

Request headers

Host: go.safelyembodied.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Referer: https://go.safelyembodied.com/ab/ef50b551
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: document
Referer: https://go.safelyembodied.com/ab/ef50b551

Response headers

Server: nginx/1.4.6 (Ubuntu)
Date: Tue, 18 Feb 2020 08:26:34 GMT
Content-Type: text/html
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip

GET
H2 200 icon
fonts.googleapis.com/ 574 B
468 B 23ms
20ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 08:26:34 GMT
server: ESF
date: Tue, 18 Feb 2020 08:26:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 08:26:34 GMT

GET
H/1.1 200
OK lib-2b31e73a50.css
d308fhmgxc52gy.cloudfront.net/style/ 111 KB
19 KB 8ms
6ms Stylesheet
text/css 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/style/lib-2b31e73a50.css
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 688bb8107c7846f1ef4a06a367d15dd5a62db87b1ba6269d78125c2778b02ab1

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 08:41:01 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 102375
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: 9fMawbo3B96n3cr1OCcUyh2TeYGN995J9aOgkMcW26oumylgZEzC5Q==

GET
H/1.1 200
OK app-9fab0e11a2.css
d308fhmgxc52gy.cloudfront.net/style/ 89 KB
13 KB 9ms
7ms Stylesheet
text/css 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/style/app-9fab0e11a2.css
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 053af57ac3cb099c90a8da68ea8bb911144e0797e4e3aa834cfa7c15e4d0f757

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

Date: Mon, 17 Feb 2020 12:27:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 112460
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: bu0MXMsJ_NscIzKdJHMsWo-vEntitzJ_8_nnC78hMbTcn7o-qvnMLA==

GET
H/1.1 200
OK round-warning-24px.svg
go.safelyembodied.com/images/ 888 B
1 KB 105ms
103ms Image
image/svg+xml 34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.safelyembodied.com/images/round-warning-24px.svg
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: d3d8cd0e7252f23d7e9e907842ed3c3929b37c2eb3a6d7ba5ac2fe66ec63cdc0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 08:26:34 GMT
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5e1f7168-378"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 888

GET
H/1.1 200
OK lib-e23fd70a58.js Show response
d308fhmgxc52gy.cloudfront.net/js/ 911 KB
280 KB 10ms
9ms Script
application/x-javascript 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 0a1c9f15c780944c6a41f4a25ba47fdc46fc9c91c227ab59de40dd013bb564c8

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 112460
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: BsLqG2dcnNknoq5qCXoSY9_dzJF-vdNyHfR72QtAKnM-AQ6SADzuHA==

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/4.6.3/ 71 KB
22 KB 8ms
7ms Script
application/javascript 2a04:4e42:200::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/4.6.3/bundle.min.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:200::729 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

d5e9f28d921e0c30f10893f0c20faa7e125c5ec12099d31bfa1018133717fb2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
content-encoding: gzip
last-modified: Wed, 20 Feb 2019 14:17:11 GMT
server: Fastly
age: 7683944
etag: "81b0a795cafb793e28e4bfccec591417"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: public, max-age=31536000
strict-transport-security: max-age=31536000; includeSubDomains
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22654
expires: Fri, 20 Nov 2020 10:00:49 GMT

GET
H/1.1 200
OK app-d5fc5d9016.js Show response
d308fhmgxc52gy.cloudfront.net/js/ 153 KB
28 KB 9ms
8ms Script
application/x-javascript 2600:9000:21f3:3200:f:c772:f080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d308fhmgxc52gy.cloudfront.net/js/app-d5fc5d9016.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:3200:f:c772:f080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 7e2158088df5ca8d6ed27833077926e4f191fbd340944c2870f1fae7bbac4e26

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

Date: Mon, 17 Feb 2020 10:13:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Age: 103699
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
Connection: keep-alive
X-Amz-Cf-Id: qNso91MYjVnxiAqmFGbZbTY9C8UxGw3v3GZW3YWPWPGchoO7FIbDag==

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:820::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e68f621695aaddd26d597eaabb103b0ec53e8ed9ed7c42369f26bf43a1aad9a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: style

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 08:26:34 GMT
server: ESF
date: Tue, 18 Feb 2020 08:26:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 18 Feb 2020 08:26:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b391a4d60f8c792042324de462d8033450257d7e60669821f6a300afabae68a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: d2HeS1/DRc9l0sF+50WEwQ==
status: 200
date: Tue, 18 Feb 2020 08:26:34 GMT, Tue, 18 Feb 2020 08:26:34 GMT
expires: Tue, 18 Feb 2020 08:42:52 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 1780
x-fb-debug: Se3E/rQJth4uvqAqvIi1LLEgIxkUlw+I5jaCt+z5/Xfljbvm2t3B7DP65MyWuziOsF/anraRpDZuBS6X1DLL0w==
x-fb-trip-id: 1850256238
x-fb-content-md5: 46c257ca74d5aef72b5eb769790826a1
etag: "bb236bb00c2e64979b508cb824a0753e"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 / Show response
api.bucket.io/v1/outputs/6d2a4217/ 88 KB
89 KB 362ms
362ms XHR
application/json 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bucket.io/v1/outputs/6d2a4217/?t=sf

Requested by

Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-45-136.compute-1.amazonaws.com

Software

nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1

Resource Hash

ab176d35060628f2ab7a48e98f69389deed9eca2534596a36bff93356aa9191c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.3.1
status: 200, 200 OK
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: 5dbf40c8-d1b0-4066-b1d2-4b903b2e8cee
x-runtime: 0.251695
server: nginx/1.14.0 + Phusion Passenger 5.3.1
x-frame-options: SAMEORIGIN
etag: W/"52e964214121f917b76ea6a34fea4190"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.safelyembodied.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

GET
H2 200 adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 64 KB
64 KB 20ms
20ms Image
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/sf/6d2a4217

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 38676
x-xss-protection: 0
server: cafe
etag: 5904681658312064582
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 18 Feb 2020 08:26:34 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 194 KB
58 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=549cf609506077653025116fcac274eb&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e7dbcf8d75f71e4da315c9fbb35d022b25dec8861bb1111d87192f8eadfd8a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: script
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nUvSfJ4H5OYO+prE8F8n9g==
status: 200
date: Tue, 18 Feb 2020 08:26:34 GMT, Tue, 18 Feb 2020 08:26:34 GMT
expires: Wed, 17 Feb 2021 07:29:32 GMT
alt-svc: h3-24=":443"; ma=3600
content-length: 59543
x-fb-debug: JWIfAwbD2qCE6vUzGSUz5v62anQlOa0lDm5eYDvfspYrmcDQBAydKrtxhZ+RvdnDSbHJDeR8Mx6GJSjboNH+Hw==
x-fb-trip-id: 1850256238
x-fb-content-md5: 22eb8f9f7bbeb2cda07a591f92242672
etag: "9c8672fcdedf61a3db985a20dedec3fa"
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v16/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v16/S6uyw4BMUTPHjx4wXiWtFCc.woff2

Requested by

Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 23 Jan 2020 18:51:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:45:55 GMT
server: sffe
age: 2208893
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14044
x-xss-protection: 0
expires: Fri, 22 Jan 2021 18:51:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 126 KB
30 KB 11ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 30466
x-xss-protection: 0
pragma: public
x-fb-debug: G1v54IysXD2jOT1PI29UGUzjt7NAgoCyV1tH+ML88p7p8Mxuxc3chiP9JOrzObwpVVE86zatC8lGW4ptbCO7NQ==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 08:26:34 GMT, Tue, 18 Feb 2020 08:26:34 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 74 KB
28 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-98253442-1

Requested by

Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

447f900a8e21b975fb4cdac7a46d119219307131ac00f821ed12d0d03a3b489e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
content-encoding: br
status: 200
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28496
x-xss-protection: 0
last-modified: Tue, 18 Feb 2020 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 18 Feb 2020 08:26:34 GMT

GET
H2 200 diffuser.js Show response
diffuser-cdn.app-us1.com/diffuser/ 100 KB
32 KB 47ms
14ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 279a19c01fc41318f56bd407a24ce16ac8ff7fe77405061f465bc2ca0852bc99

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 234
x-cache: Miss from cloudfront
status: 200
last-modified: Fri, 22 Nov 2019 16:24:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 660f4277d8fbef27985e8a4a97e362cc.cloudfront.net (CloudFront)
cache-control: public, max-age=300
x-amz-cf-pop: FRA53-C1
cf-ray: 566e9def7a9d63a1-FRA
x-amz-cf-id: RIwDC9adqEHJjiQp3TbZoZGP8tywS69H84J72QlEwKkAm0_B4gpRtg==

GET
H2 200 track.js Show response
cdn.funnelytics.io/ 8 KB
3 KB 180ms
21ms Script
application/javascript 143.204.101.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.funnelytics.io/track.js
Requested by: Host: go.safelyembodied.com
URL: https://go.safelyembodied.com/ab/ef50b551
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 143.204.101.39 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-101-39.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1badd7345c299f84d90547dc79c441da2089724e5d6b781f8453c165a27fae59

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Mon, 17 Feb 2020 18:19:42 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 18:15:25 GMT
server: AmazonS3
age: 50813
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: yBKNqOhZ0KgsY9FXxHdvdg5IUqbEuYmtmwOICX62Gy2WW-vu0msrAA==
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)

OPTIONS
H2 200 takers Show response
api.bucket.io/v1/ 0
642 B 104ms
104ms XHR
text/plain 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bucket.io/v1/takers
Requested by: Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-45-136.compute-1.amazonaws.com
Software: nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://go.safelyembodied.com
Referer: https://go.safelyembodied.com/sf/6d2a4217
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT
server: nginx/1.14.0 + Phusion Passenger 5.3.1
access-control-allow-origin: https://go.safelyembodied.com
x-powered-by: Phusion Passenger 5.3.1
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: text/plain
status: 200, 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type

GET
H2 200 1254155111367680 Show response
connect.facebook.net/signals/config/ 447 KB
112 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1254155111367680?v=2.9.15&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7f8885d6042b3680b3fb85a6b712dd3fade58c4c95b7ae33062faa3b4441db9d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-24=":443"; ma=3600
content-length: 114948
x-xss-protection: 0
pragma: public
x-fb-debug: QJSaSQXczHeHrwAzJzGWctt3AnsCBdmFY8RUTDcVkQTfAI+YYjmAw+qg9gvCDI7ckwX3XldhTaOcPolUTrwXRg==
x-fb-trip-id: 1850256238
date: Tue, 18 Feb 2020 08:26:34 GMT, Tue, 18 Feb 2020 08:26:34 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 44 KB
18 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-98253442-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 06 Feb 2020 00:21:02 GMT
server: Golfe2
age: 6782
date: Tue, 18 Feb 2020 06:33:32 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 18174
expires: Tue, 18 Feb 2020 08:33:32 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
103 B 13ms
13ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j81&a=1505634234&t=pageview&_s=1&dl=https%3A%2F%2Fgo.safelyembodied.com%2Fsf%2F6d2a4217&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1870109901&gjid=1097778927&cid=1456501640.1582014395&tid=UA-98253442-1&_gid=1377607055.1582014395&_r=1&gtm=2ou250&z=2098192503

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

pragma: no-cache
date: Tue, 18 Feb 2020 08:26:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
349 B 17ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254155111367680&ev=PageView&dl=https%3A%2F%2Fgo.safelyembodied.com%2Fsf%2F6d2a4217&rl=https%3A%2F%2Fgo.safelyembodied.com%2Fab%2Fef50b551&if=false&ts=1582014394822&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582014394821.1393364699&it=1582014394779&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 08:26:34 GMT, Tue, 18 Feb 2020 08:26:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 08:26:34 GMT

GET
H2 200 / Show response
prism.app-us1.com/ 0
211 B 675ms
673ms Script
application/javascript 2606:4700::6811:925b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prism.app-us1.com/?a=25470070&u=https%3A%2F%2Fgo.safelyembodied.com%2Fsf%2F6d2a4217&r=https%3A%2F%2Fgo.safelyembodied.com%2Fab%2Fef50b551
Requested by: Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:925b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.25
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: script

Response headers

date: Tue, 18 Feb 2020 08:26:35 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: PHP/7.2.25
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/javascript
status: 200
cache-control: no-cache, private
cf-ray: 566e9defdada63a1-FRA
content-length: 0

POST
H2 201 takers Show response
api.bucket.io/v1/ 471 B
1 KB 605ms
605ms XHR
application/json 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bucket.io/v1/takers

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-45-136.compute-1.amazonaws.com

Software

nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1

Resource Hash

54e7d312d49cefd5046856589450fc31c4ec8e2d43518c1e7f03d21f873e8446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 18 Feb 2020 08:26:35 GMT
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.3.1
status: 201, 201 Created
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: a7d720ab-896c-4a6a-951e-98ab6b0860b0
x-runtime: 0.499391
server: nginx/1.14.0 + Phusion Passenger 5.3.1
x-frame-options: SAMEORIGIN
etag: W/"ece53caac81334019fc27d161edff774"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.safelyembodied.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

OPTIONS
H/1.1 204
No Content sessions Show response
track.funnelytics.io/ 0
408 B 769ms
189ms XHR
text/plain 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/sessions
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://go.safelyembodied.com
Referer: https://go.safelyembodied.com/sf/6d2a4217
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 18 Feb 2020 08:26:35 GMT
Server: nginx/1.12.1
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Methods: GET,POST,PATCH,DELETE
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
Content-Length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1254155111367680&ev=Microdata&dl=https%3A%2F%2Fgo.safelyembodied.com%2Fsf%2F6d2a4217&rl=https%3A%2F%2Fgo.safelyembodied.com%2Fab%2Fef50b551&if=false&ts=1582014395326&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Bucket.io%22%2C%22og%3Adescription%22%3A%22%22%2C%22og%3Aimage%22%3A%22%2Fimages%2Flogo.svg%22%2C%22og%3Aurl%22%3A%22%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582014394821.1393364699&it=1582014394779&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Tue, 18 Feb 2020 08:26:35 GMT, Tue, 18 Feb 2020 08:26:35 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-24=":443"; ma=3600
content-length: 44
expires: Tue, 18 Feb 2020 08:26:35 GMT

OPTIONS
H2 200 register_view Show response
api.bucket.io/v1/segmentation_funnels/welcome_page_stats/ 0
654 B 105ms
105ms XHR
text/plain 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bucket.io/v1/segmentation_funnels/welcome_page_stats/register_view
Requested by: Host: d308fhmgxc52gy.cloudfront.net
URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-169-45-136.compute-1.amazonaws.com
Software: nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://go.safelyembodied.com
Referer: https://go.safelyembodied.com/sf/6d2a4217
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type,x-taker-token

Response headers

date: Tue, 18 Feb 2020 08:26:35 GMT
server: nginx/1.14.0 + Phusion Passenger 5.3.1
access-control-allow-origin: https://go.safelyembodied.com
x-powered-by: Phusion Passenger 5.3.1
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: text/plain
status: 200, 200 OK
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-taker-token

GET
H/1.1 200
OK loading-results.svg
go.safelyembodied.com/images/ 24 KB
24 KB 195ms
194ms Image
image/svg+xml 34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.safelyembodied.com/images/loading-results.svg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 418e9adb3291a201d03b91c45713ce9266a81b6488ebc72eca0c635ffe4a800e

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 08:26:35 GMT
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5e1f7168-5ed4"
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24276

GET
H2 200 c44c344b-c6ad-4a54-9d52-1cd359f1b7cb.gif
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnel/wp_image/19452/ 322 KB
323 KB 47ms
22ms Image
image/gif 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnel/wp_image/19452/c44c344b-c6ad-4a54-9d52-1cd359f1b7cb.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24945f7141fea5dbd1337876070cf2b83310d17ec6558bcdf6be608a08e01924

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 08 Feb 2020 09:11:04 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Mon, 29 Jul 2019 19:26:37 GMT
server: AmazonS3
age: 861332
etag: "b01e3e7e1460c854dd56bfbdb586a2c8"
x-cache: Hit from cloudfront
x-amz-version-id: An6xc.yzehavdyQDn.NynIiCGGZbqkxM
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 330222
x-amz-cf-id: 3ZXyf6o0EdaYFWd8a865qRcegflW38mODH_Ng33PclVs8UiGOqG59w==

GET
H2 200 Harvard_conference_logo.png
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181719/ 19 KB
20 KB 45ms
20ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181719/Harvard_conference_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1110cab855d4f6f08020268cd73ea5a0e5dc1226d6dd64aea810804229ffa7aa

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:02 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:17:20 GMT
server: AmazonS3
age: 223714
etag: "5659e54f59f3116cd548d2e91e24aabb"
x-cache: Hit from cloudfront
x-amz-version-id: gRYet9vySU6RO3wq8wMWcRnk.rG.bo5V
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 19946
x-amz-cf-id: 9dHpgABO6z2zSn4GABGTYXhBudCK9rVCqYni8GcKFcvYAjBdVmLN1w==

GET
H2 200 IFS_logo.gif
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181732/ 7 KB
8 KB 55ms
31ms Image
image/gif 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181732/IFS_logo.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fb6f84a4fa9271f068eac0051c13860d9cf1965320707536831a37fbbf088f3

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:01 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:17:33 GMT
server: AmazonS3
age: 223715
etag: "be2bc9e2632c4441b6731dc44991fd0f"
x-cache: Hit from cloudfront
x-amz-version-id: EtecsWzMQW07S5pOnMqBGUrNgfRLrpUV
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/gif
content-length: 7386
x-amz-cf-id: kERW0r-5ZwMEtTOSBGkupI2hcRnqzCvahgcbPyg1kSxKEbKtn-Vniw==

GET
H2 200 Medium.PNG
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181739/ 3 KB
3 KB 58ms
34ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319181739/Medium.PNG
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5bc51dc660b38d5c701e0f14cc12d0b105aee82b31cc77a198ade78a0a70c394

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:02 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:17:42 GMT
server: AmazonS3
age: 223714
etag: "5638382eaa3e79521de40554e7a84b4f"
x-cache: Hit from cloudfront
x-amz-version-id: csklXiBFyw8aSLvP7OVbk5r3wIcdIWiI
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 2574
x-amz-cf-id: u41x85ZMKlarjGMGrSbmz_EUni-CGeeCSDDr6jO_9n7PP7NpEvDnGA==

GET
H2 200 CFT.png
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182000/ 19 KB
20 KB 59ms
34ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182000/CFT.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1457278ed4e190275ee5c7eff143f168cf5124dc79c2d28c5f1bc4311e463bcc

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:01 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:20:01 GMT
server: AmazonS3
age: 223714
etag: "43fb6c9d2f958f1355099d31e6068083"
x-cache: Hit from cloudfront
x-amz-version-id: s6RtA9IHetkuwaWbK5FTCwnpdJk3St_x
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 19955
x-amz-cf-id: nkVGiiVCvIsIAFUI-F4Y82HlXNLIpzXDkoSqkTW7kFBp8OhtxH5rnw==

GET
H2 200 brattleboro-retreat-logo.png
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182054/ 14 KB
14 KB 59ms
34ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182054/brattleboro-retreat-logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4aaeb6e9879201055cb829d63633ce530276a5d453b06d05cc8039202e1e8436

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Fri, 27 Sep 2019 14:28:20 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:20:55 GMT
server: AmazonS3
age: 12419896
etag: "cdb91716d10a2acf21a72a0b861e62d7"
x-cache: Hit from cloudfront
x-amz-version-id: _wM8d6wYblnyfalVtjC_9lSjKtgfuCxa
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 14235
x-amz-cf-id: pEOk-TK4unZF8b_ERfnDYDMEMtCgoemuxE3wu2114cNN8mcPq2VkjA==

GET
H2 200 Leading_Edge_logo.png
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182148/ 5 KB
5 KB 24ms
19ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319182148/Leading_Edge_logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45c1b6f0a75ffab8cd2cb15e8b7b16a919194f30b29de6f777c276b76e600686

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:01 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:21:49 GMT
server: AmazonS3
age: 223715
etag: "279e56cc6ae60d240cb7d726f7cf79bb"
x-cache: Hit from cloudfront
x-amz-version-id: kVug8g6suLP_AcYdg3JhS22AYGxoMExH
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 4792
x-amz-cf-id: LDS7nH77YanIHK6EeAlRmz0lXxIVl99L6py2tXYzBkIKXsR4WaelJw==

GET
H2 200 image001.jpg
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319185420/ 103 KB
103 KB 14ms
9ms Image
image/jpeg 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190319185420/image001.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce107c0485fc95f49b4097d7d68ee2864b6d27a497bedeb8b0eff45cce419653

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 18:18:01 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Tue, 19 Mar 2019 18:54:21 GMT
server: AmazonS3
age: 223714
etag: "e9f374054108e6b8441b477fd2344488"
x-cache: Hit from cloudfront
x-amz-version-id: HGz7gvX3cvwhSy6iBIRvagOXNb3B9BU3
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 105318
x-amz-cf-id: BcvJ-qZCRoxFvXM5Kgf_xbFNH60mKEAdJ915SmlKtnACJxW-HmBp6g==

GET
H/1.1 200
OK /
go.safelyembodied.com/ 4 KB
4 KB 299ms
103ms Image
text/html 34.196.123.147
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.safelyembodied.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.196.123.147 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-196-123-147.compute-1.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://go.safelyembodied.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

Date: Tue, 18 Feb 2020 08:26:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Jan 2020 20:09:12 GMT
Server: nginx/1.4.6 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: text/html

GET
H2 200 resizeimage.png
d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190318223314/ 227 KB
227 KB 36ms
31ms Image
image/png 2600:9000:2156:c600:8:19e3:a500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1wssizvfpltp0.cloudfront.net/uploads/segmentation_funnels/images/20190318223314/resizeimage.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2156:c600:8:19e3:a500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bb28c8dc6d338c8a71a6a4ff606424524a4a9545b50b3a95178789f9067a1722

Request headers

Referer: https://go.safelyembodied.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest: image

Response headers

date: Sat, 15 Feb 2020 03:49:34 GMT
via: 1.1 b912dc97777020eb19579888add26978.cloudfront.net (CloudFront)
last-modified: Mon, 18 Mar 2019 22:33:15 GMT
server: AmazonS3
age: 275822
etag: "a9d95784a2d7102dff9d7e438e804eb1"
x-cache: Hit from cloudfront
x-amz-version-id: hrzvRj_0852JRJdRYAGQNRe6ygmP1JcV
status: 200
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: image/png
content-length: 232257
x-amz-cf-id: 12uvjjK5LzMNOiBh2lR_lsl_wrk7CxI8VKghCVJRSBG8iVVkveVpXQ==

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 01 Feb 2020 19:32:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:31:11 GMT
server: sffe
age: 1428821
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9080
x-xss-protection: 0
expires: Sun, 31 Jan 2021 19:32:54 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ 9 KB
9 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v17/mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/css?family=Cabin:400,700|Exo:400,700|Lato:400,700|Montserrat:400,700|Noto+Sans:400,700|Open+Sans:400,700|Raleway:400,700|Roboto:400,700
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Thu, 30 Jan 2020 02:11:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 19:30:49 GMT
server: sffe
age: 1664078
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 9132
x-xss-protection: 0
expires: Fri, 29 Jan 2021 02:11:57 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2
fonts.gstatic.com/s/materialicons/v48/ 59 KB
60 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v48/flUhRq6tzZclQEJ-Vdg-IuiaDsNcIhQ8tQ.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/icon?family=Material+Icons
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: font
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 06:13:14 GMT
x-content-type-options: nosniff
last-modified: Tue, 23 Jul 2019 03:50:48 GMT
server: sffe
age: 2340801
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 60840
x-xss-protection: 0
expires: Thu, 21 Jan 2021 06:13:14 GMT

POST
H2 201 register_view Show response
api.bucket.io/v1/segmentation_funnels/welcome_page_stats/ 126 B
975 B 136ms
136ms XHR
application/json 35.169.45.136
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.bucket.io/v1/segmentation_funnels/welcome_page_stats/register_view

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.169.45.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-35-169-45-136.compute-1.amazonaws.com

Software

nginx/1.14.0 + Phusion Passenger 5.3.1 / Phusion Passenger 5.3.1

Resource Hash

659dafc4ae02b2a65c7d45a6bd708f0dfc01e7186a3357987ad64271a2467899

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
Content-Type: application/json;charset=UTF-8
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
X-Taker-Token: T3PZxtG7Pv_rxGzY5yAM

Response headers

date: Tue, 18 Feb 2020 08:26:35 GMT
x-content-type-options: nosniff
x-powered-by: Phusion Passenger 5.3.1
status: 201, 201 Created
vary: Origin
x-xss-protection: 1; mode=block
x-request-id: d897c914-aca5-4502-9d32-114161d09266
x-runtime: 0.031012
server: nginx/1.14.0 + Phusion Passenger 5.3.1
x-frame-options: SAMEORIGIN
etag: W/"14764f997839af0ba53b770851e874c8"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, PATCH, OPTIONS, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: https://go.safelyembodied.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 201
Created sessions Show response
track.funnelytics.io/ 45 B
398 B 232ms
232ms XHR
application/json 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/sessions
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: 2e9b7fa31d84591f1c030a13baac7b7685e398a1ec5ef988ac3e0a09999ee7a0

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 18 Feb 2020 08:26:35 GMT
Server: nginx/1.12.1
X-Powered-By: Express
ETag: W/"2d-9lJBvl4GNWzdSqQNJJpk/70ysXw"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45

OPTIONS
H/1.1 204
No Content steps Show response
track.funnelytics.io/ 0
408 B 189ms
189ms XHR
text/plain 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/steps
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://go.safelyembodied.com
Referer: https://go.safelyembodied.com/sf/6d2a4217
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 18 Feb 2020 08:26:36 GMT
Server: nginx/1.12.1
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Methods: GET,POST,PATCH,DELETE
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
Content-Length: 0

OPTIONS
H/1.1 204
No Content cd25be1e-b804-4e5f-9b24-830324627c6e Show response
track.funnelytics.io/settings/ 0
408 B 378ms
189ms XHR
text/plain 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/settings/cd25be1e-b804-4e5f-9b24-830324627c6e
Requested by: Host: cdn.funnelytics.io
URL: https://cdn.funnelytics.io/track.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: GET
Origin: https://go.safelyembodied.com
Referer: https://go.safelyembodied.com/sf/6d2a4217
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

Date: Tue, 18 Feb 2020 08:26:36 GMT
Server: nginx/1.12.1
X-Powered-By: Express
Vary: Origin
Access-Control-Allow-Methods: GET,POST,PATCH,DELETE
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Authorization
Content-Length: 0

POST
H/1.1 201
Created steps Show response
track.funnelytics.io/ 45 B
398 B 408ms
220ms XHR
application/json 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/steps
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: 54e8112286ba7cc8efa6871330028c75b13c36b73f6cb3713ba3fef489d2b2c9

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 18 Feb 2020 08:26:36 GMT
Server: nginx/1.12.1
X-Powered-By: Express
ETag: W/"2d-ngA6iC10J1NLslfoxUQ0JJ2p64U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 45

GET
H/1.1 200
OK cd25be1e-b804-4e5f-9b24-830324627c6e Show response
track.funnelytics.io/settings/ 796 B
692 B 198ms
198ms XHR
application/json 52.42.233.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.funnelytics.io/settings/cd25be1e-b804-4e5f-9b24-830324627c6e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.233.42 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-233-42.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / Express
Resource Hash: ca497ca553a0ad2c4646995c505fcbda18383499718a86d086175e6d382d6a4c

Request headers

Referer: https://go.safelyembodied.com/sf/6d2a4217
Origin: https://go.safelyembodied.com
Sec-Fetch-Dest: empty
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 18 Feb 2020 08:26:36 GMT
Content-Encoding: gzip
ETag: W/"31c-oX6XnyMgT24jytvE4Bb1tRTpcmg"
Server: nginx/1.12.1
X-Powered-By: Express
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://go.safelyembodied.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 318

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js(Line 5) Message: This browser does not support Web Storage!
console-api	error	URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js(Line 5) Message: TypeError: Cannot read property 'status' of undefined Possibly unhandled rejection: {}
console-api	error	URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js(Line 5) Message: TypeError: Cannot read property 'type' of undefined Possibly unhandled rejection: {}
console-api	error	URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js(Line 5) Message: Possibly unhandled rejection: {"data":{"redirect_to":"https://go.safelyembodied.com/sf/6d2a4217"},"meta":{"token":"ef50b551"}}
console-api	warning	URL: https://d308fhmgxc52gy.cloudfront.net/js/lib-e23fd70a58.js(Line 5) Message: This browser does not support Web Storage!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.bucket.io
browser.sentry-cdn.com
cdn.funnelytics.io
connect.facebook.net
d1wssizvfpltp0.cloudfront.net
d308fhmgxc52gy.cloudfront.net
diffuser-cdn.app-us1.com
fonts.googleapis.com
fonts.gstatic.com
go.safelyembodied.com
pagead2.googlesyndication.com
prism.app-us1.com
track.funnelytics.io
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.safelyembodied.safelyembodiedforum.com
143.204.101.39
2600:9000:2156:c600:8:19e3:a500:21
2600:9000:21f3:3200:f:c772:f080:93a1
2606:4700::6811:925b
2a00:1450:4001:806::2008
2a00:1450:4001:806::200e
2a00:1450:4001:808::2002
2a00:1450:4001:816::2003
2a00:1450:4001:820::200a
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::729
34.196.123.147
35.169.45.136
52.42.233.42
69.195.69.120
036d841b132c14046e26d8f2da1bc634c6ad34885ed1295660694a91c98933a6
053af57ac3cb099c90a8da68ea8bb911144e0797e4e3aa834cfa7c15e4d0f757
09e13bc501877a8383c2661e6fc80187efadbd82ac4d3b0d1ec8a41d8630756c
0a1c9f15c780944c6a41f4a25ba47fdc46fc9c91c227ab59de40dd013bb564c8
0c9a3f7fdc13a3ff04b74e9b982c28fa738fa9373bd43bd24dbca5f2dc360f24
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1110cab855d4f6f08020268cd73ea5a0e5dc1226d6dd64aea810804229ffa7aa
1457278ed4e190275ee5c7eff143f168cf5124dc79c2d28c5f1bc4311e463bcc
1badd7345c299f84d90547dc79c441da2089724e5d6b781f8453c165a27fae59
24945f7141fea5dbd1337876070cf2b83310d17ec6558bcdf6be608a08e01924
279a19c01fc41318f56bd407a24ce16ac8ff7fe77405061f465bc2ca0852bc99
2e9b7fa31d84591f1c030a13baac7b7685e398a1ec5ef988ac3e0a09999ee7a0
2fb6f84a4fa9271f068eac0051c13860d9cf1965320707536831a37fbbf088f3
418e9adb3291a201d03b91c45713ce9266a81b6488ebc72eca0c635ffe4a800e
447f900a8e21b975fb4cdac7a46d119219307131ac00f821ed12d0d03a3b489e
45c1b6f0a75ffab8cd2cb15e8b7b16a919194f30b29de6f777c276b76e600686
4aaeb6e9879201055cb829d63633ce530276a5d453b06d05cc8039202e1e8436
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
54e7d312d49cefd5046856589450fc31c4ec8e2d43518c1e7f03d21f873e8446
54e8112286ba7cc8efa6871330028c75b13c36b73f6cb3713ba3fef489d2b2c9
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5bc51dc660b38d5c701e0f14cc12d0b105aee82b31cc77a198ade78a0a70c394
659dafc4ae02b2a65c7d45a6bd708f0dfc01e7186a3357987ad64271a2467899
688bb8107c7846f1ef4a06a367d15dd5a62db87b1ba6269d78125c2778b02ab1
7e2158088df5ca8d6ed27833077926e4f191fbd340944c2870f1fae7bbac4e26
7f8885d6042b3680b3fb85a6b712dd3fade58c4c95b7ae33062faa3b4441db9d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
ab176d35060628f2ab7a48e98f69389deed9eca2534596a36bff93356aa9191c
b391a4d60f8c792042324de462d8033450257d7e60669821f6a300afabae68a6
bb28c8dc6d338c8a71a6a4ff606424524a4a9545b50b3a95178789f9067a1722
ca497ca553a0ad2c4646995c505fcbda18383499718a86d086175e6d382d6a4c
ce107c0485fc95f49b4097d7d68ee2864b6d27a497bedeb8b0eff45cce419653
d3d8cd0e7252f23d7e9e907842ed3c3929b37c2eb3a6d7ba5ac2fe66ec63cdc0
d5e9f28d921e0c30f10893f0c20faa7e125c5ec12099d31bfa1018133717fb2a
da3f9479a0d2e64d63f63054b5b560dc2dfdfcd93e797d3773c3129f4d8639a1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e68f621695aaddd26d597eaabb103b0ec53e8ed9ed7c42369f26bf43a1aad9a0
e7dbcf8d75f71e4da315c9fbb35d022b25dec8861bb1111d87192f8eadfd8a56
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d

go.safelyembodied.com Open in urlscan Pro 34.196.123.147 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

61 Requests

100 %HTTPS

69 %IPv6

14 Domains

17 Subdomains

15 IPs

4 Countries

2148 kBTransfer

4980 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

61 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

go.safelyembodied.com Open in urlscan Pro
34.196.123.147 Public Scan

Screenshot
Live screenshot

Full Image

61
Requests

100 %
HTTPS

69 %
IPv6

14
Domains

17
Subdomains

15
IPs

4
Countries

2148 kB
Transfer

4980 kB
Size

0
Cookies

61 HTTP transactions
0 data transactions