urlscan.io logo urlscan.io
SecurityTrails logo

app.site123.com Open in urlscan Pro
34.232.5.253  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.safehaventarot.com/
Effective URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Submission: On August 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 4 countries across 16 domains to perform 42 HTTP transactions. The main IP is 34.232.5.253, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is app.site123.com.
TLS certificate: Issued by Amazon on November 13th 2019. Valid for: a year.
This is the only time app.site123.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    3.213.12.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-213-12-15.compute-1.amazonaws.com
www.safehaventarot.com
1    34.232.5.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-5-253.compute-1.amazonaws.com
app.site123.com
1    2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2600:9000:214f:800:12:70d0:9c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn-cms-s.f-static.net
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    172.217.23.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s18-in-f130.1e100.net
www.googleadservices.com
1    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    99.86.7.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-67.fra6.r.cloudfront.net
widget.intercom.io
15    99.86.7.54 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-54.fra6.r.cloudfront.net
js.intercomcdn.com
1    66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
bid.g.doubleclick.net
3    75.2.88.188 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ad8b87a22ce463223.awsglobalaccelerator.com
api-iam.intercom.io
1    143.204.202.24 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-202-24.fra53.r.cloudfront.net
static.intercomassets.com
Domain Requested by
15 js.intercomcdn.com js.intercomcdn.com
5 cdn-cms-s.f-static.net app.site123.com
3 api-iam.intercom.io js.intercomcdn.com
3 www.google-analytics.com 1 redirects app.site123.com
www.google-analytics.com
2 www.facebook.com app.site123.com
2 fonts.gstatic.com app.site123.com
2 www.google.de app.site123.com
2 www.google.com 1 redirects app.site123.com
2 connect.facebook.net app.site123.com
connect.facebook.net
1 static.intercomassets.com
1 bid.g.doubleclick.net www.googleadservices.com
1 widget.intercom.io 1 redirects
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 www.googleadservices.com www.googletagmanager.com
1 ajax.googleapis.com app.site123.com
1 fonts.googleapis.com app.site123.com
1 www.googletagmanager.com app.site123.com
1 app.site123.com
1 www.safehaventarot.com 1 redirects
42 20

This site contains links to these domains. Also see Links.

Domain
www.site123.com
Subject Issuer Validity Valid
*.site123.com
Amazon		 2019-11-13 -
2020-12-13		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-07-15 -
2020-10-07		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.f-static.net
Amazon		 2020-02-06 -
2021-03-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-07-21 -
2020-10-12		 3 months crt.sh
www.googleadservices.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-07-07 -
2020-09-29		 3 months crt.sh
*.intercomcdn.com
Amazon		 2020-03-29 -
2021-04-29		 a year crt.sh
*.intercom.com
Amazon		 2020-05-13 -
2021-06-13		 a year crt.sh
intercomassets.com
Amazon		 2019-09-13 -
2020-10-13		 a year crt.sh

This page contains 5 frames:

Primary Page: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Frame ID: 58C106D719856B45AD774AE336ABCA7F
Requests: 23 HTTP requests in this frame

Frame: https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Frame ID: C8FB250C359E7304060DF6D4300001CC
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.b2434170.js
Frame ID: 38CD8F019EADAAABD2B5D89312D7AAFA
Requests: 13 HTTP requests in this frame

Frame: https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Frame ID: ABCFEB32D1D5934BE7BA31761B2762C3
Requests: 1 HTTP requests in this frame

Frame: https://js.intercomcdn.com/images/close.1359f860.png
Frame ID: E444C5296B4E3E6086A744E89E364D67
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.safehaventarot.com/ HTTP 302
    https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

42
Requests

100 %
HTTPS

60 %
IPv6

16
Domains

20
Subdomains

17
IPs

4
Countries

1002 kB
Transfer

3511 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.safehaventarot.com/ HTTP 302
    https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2028152041&t=pageview&_s=1&dl=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&ul=en-us&de=UTF-8&dt=Domain%20Verification%20-%20SITE123&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAEADQ~&jid=1152924052&gjid=1336421074&cid=890925528.1596477423&tid=UA-54337428-1&_gid=954651982.1596477423&_r=1&z=277576876 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_gid=954651982.1596477423&gjid=1336421074&_v=j83&z=277576876 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876&slf_rd=1&random=3670191235
Request Chain 20
  • https://widget.intercom.io/widget/jokji8l9 HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request domainVerify.php
app.site123.com/manager/login/
Redirect Chain
  • https://www.safehaventarot.com/
  • https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.232.5.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-232-5-253.compute-1.amazonaws.com
Software
Apache /
Resource Hash
c4700337a1e03e5f65539e61f33b653d3dfee2150bb87ea76eea7cc7e9e6eccb

Request headers

:method
GET
:authority
app.site123.com
:scheme
https
:path
/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Mon, 03 Aug 2020 17:57:02 GMT
content-type
text/html; charset=UTF-8
content-length
3168
set-cookie
AWSALB=8pCovKpVKJlkWBWTYewWbKlcHHvoeJY2LntmghYp5ZkCncWpt1ccVkqp8I4nhHNR4sPHBo0ueSxpDlfTn5L0mGhegF1SE5RK9MlqtDfMAf9DtVK5mk3D3hKnXEUx; Expires=Mon, 10 Aug 2020 17:57:00 GMT; Path=/ AWSALBCORS=8pCovKpVKJlkWBWTYewWbKlcHHvoeJY2LntmghYp5ZkCncWpt1ccVkqp8I4nhHNR4sPHBo0ueSxpDlfTn5L0mGhegF1SE5RK9MlqtDfMAf9DtVK5mk3D3hKnXEUx; Expires=Mon, 10 Aug 2020 17:57:00 GMT; Path=/; SameSite=None; Secure
server
Apache
content-encoding
gzip
vary
Accept-Encoding,User-Agent
access-control-allow-origin
*

Redirect headers

status
302
access-control-allow-origin
*
age
0
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 03 Aug 2020 17:57:00 GMT
location
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
server
SITE123 Engine
set-cookie
AWSALB=EqFn0RGGGlxG+zm6xJBqw1lcPaP0bQ1AilP9GC+3/bneA2Nhea+ot5Fjn6tabaSQmHmi2gBG25BJcs0pRVDiBdCysDBhsU1Q8cRp40pmZgon6fVHgoNDz+y+1yTe; Expires=Mon, 10 Aug 2020 17:57:00 GMT; Path=/ AWSALBCORS=EqFn0RGGGlxG+zm6xJBqw1lcPaP0bQ1AilP9GC+3/bneA2Nhea+ot5Fjn6tabaSQmHmi2gBG25BJcs0pRVDiBdCysDBhsU1Q8cRp40pmZgon6fVHgoNDz+y+1yTe; Expires=Mon, 10 Aug 2020 17:57:00 GMT; Path=/; SameSite=None
vary
Accept-Encoding,User-Agent
x-cache
MISS
x-site123-v
true
content-length
20
js
www.googletagmanager.com/gtag/ 		85 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-953208438
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5c5bd347f3a38520a15d150351f82815f211c7c3f179c2ef878df898c7fb6a1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:57:02 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34121
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 16:58:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Aug 2020 17:57:02 GMT
css
fonts.googleapis.com/ 		17 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa46ccba0a815358a1807a6e739ae7b834cb44dc6597aee305477bc76274343d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 17:53:01 GMT
server
ESF
date
Mon, 03 Aug 2020 17:57:02 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 03 Aug 2020 17:57:02 GMT
minimizeAdminIcons.css
cdn-cms-s.f-static.net/versions/2/css/ 		857 KB
137 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-cms-s.f-static.net/versions/2/css/minimizeAdminIcons.css?v=r6684
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:800:12:70d0:9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
e9c534f850bdd455372bfade0aa75faed0b403394509ae74110ab2eb2905e3db

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Wed, 01 Jul 2020 09:30:18 GMT
content-encoding
gzip
age
2881604
site123-proxy-cache
true
status
200
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 12:18:08 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cache-control
max-age=290304000, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
AkP1Twc4u9H5ayqL4gsXWxoKrxFhuQ7vwhUvRnguRs4Qq4Hzj4P7Qg==
ace-site123-fix.css
cdn-cms-s.f-static.net/files/css/ 		102 B
507 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-cms-s.f-static.net/files/css/ace-site123-fix.css
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:800:12:70d0:9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6a65db484f9bf79336c466112645894a553c309ed308500231826914b900f3b4

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Thu, 20 Feb 2020 01:55:46 GMT
content-encoding
gzip
age
14313676
site123-proxy-cache
true
status
200
x-cache
Hit from cloudfront
content-length
105
access-control-allow-origin
*
last-modified
Tue, 10 Sep 2019 12:00:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cache-control
max-age=290304000, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
u9ciLLcySi8YaY5AKgJUEO94a75w-HsekT2_YScjuWN_vGGYh78DDw==
ace-rtl.css
cdn-cms-s.f-static.net/files/products-WB0B30DGR/assets/css/ 		149 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-cms-s.f-static.net/files/products-WB0B30DGR/assets/css/ace-rtl.css
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:800:12:70d0:9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
35f2ae71adcde98cd5ad6b05f5bc5b4d50caedc81c115bf4564547740c96dd6a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Thu, 06 Feb 2020 23:00:18 GMT
content-encoding
gzip
age
15447404
site123-proxy-cache
true
status
200
x-cache
Hit from cloudfront
content-length
17067
access-control-allow-origin
*
last-modified
Tue, 10 Sep 2019 12:00:39 GMT
server
Apache
vary
Accept-Encoding
content-type
text/css
via
1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
cache-control
max-age=290304000, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
50wBd_IZrjmbxp5f_t7OOqRKB9sHuVIeWm8wBXuiexCLXqrsV62LNg==
Horizontal_Blue.png
cdn-cms-s.f-static.net/manager/site123_website/files/logos/brand_files_2020/Logo/Horizontal/PNG/ 		15 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cms-s.f-static.net/manager/site123_website/files/logos/brand_files_2020/Logo/Horizontal/PNG/Horizontal_Blue.png?v=r6684
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:800:12:70d0:9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
28c7196ea405d189723ed76125030ecf0a495d07fefff8e30924df22daea7853

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 01 Jul 2020 09:30:18 GMT
content-encoding
gzip
age
2881604
site123-proxy-cache
true
status
200
x-cache
Hit from cloudfront
content-length
14365
access-control-allow-origin
*
last-modified
Fri, 26 Jun 2020 12:18:08 GMT
server
Apache
vary
Accept-Encoding
content-type
image/png
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cache-control
max-age=290304000, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
fqQxtwE3Y2koN0x42GIKcp8KQAM96YB5nIjhC0FCaGMfc7WgV5fsEQ==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 15 Jul 2020 21:26:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1629054
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33507
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Jul 2021 21:26:08 GMT
bootstrap.min.js
cdn-cms-s.f-static.net/files/bootstrap-3.3.5-dist/js/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cms-s.f-static.net/files/bootstrap-3.3.5-dist/js/bootstrap.min.js
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:214f:800:12:70d0:9c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 09 Apr 2020 17:48:14 GMT
content-encoding
gzip
age
10022929
site123-proxy-cache
true
status
200
x-cache
Hit from cloudfront
content-length
9718
access-control-allow-origin
*
last-modified
Tue, 10 Sep 2019 05:35:34 GMT
server
Apache
vary
Accept-Encoding
content-type
text/javascript
via
1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront)
cache-control
max-age=290304000, public
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
Oq-l_MjJmAnz5yy25EiOTyc23iU7Q7o553OIA-HoMSw8j2UJOmMhcQ==
analytics.js
www.google-analytics.com/ 		45 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
6083
date
Mon, 03 Aug 2020 16:15:39 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Mon, 03 Aug 2020 18:15:39 GMT
fbevents.js
connect.facebook.net/en_US/ 		134 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
34220
x-xss-protection
0
pragma
public
x-fb-debug
tNsDToSYQ28x3PMhnJn5GTzcN50QRMIz2v9wWY9n7+FfbYFl9QFcHAxj0Kg4EJlBXDN6IpbzPdPibgv3wATxFA==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Mon, 03 Aug 2020 17:57:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		72 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-NH2RHK4&cid=890925528.1596477423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0ca16c15a724c4ae125602e026e942ae43e3be2bf65e30688ea6669e7e981e9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:57:02 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29223
x-xss-protection
0
last-modified
Mon, 03 Aug 2020 16:58:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 03 Aug 2020 17:57:02 GMT
1074611005929279
connect.facebook.net/signals/config/ 		522 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1074611005929279?v=2.9.22&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
21307ab88f6d88959ef6ba3f2c1cbe7418e0dea129c635230c2e4a2b68d45ab4
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
134671
x-xss-protection
0
pragma
public
x-fb-debug
3LkgWKKfDIddNWchGT1fMbuEOiTmVy2EYWQAzG9/3kf9P4ZxeW0hG/J7h+NvoQLLraOyqbUQacnirycGVtfTNg==
x-fb-trip-id
664085054
x-frame-options
DENY
date
Mon, 03 Aug 2020 17:57:02 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		29 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-953208438
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s18-in-f130.1e100.net
Software
cafe /
Resource Hash
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:57:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11328
x-xss-protection
0
server
cafe
etag
4229961699705442162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 03 Aug 2020 17:57:02 GMT
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j83&a=2028152041&t=pageview&_s=1&dl=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&ul=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_gid=954651982.1596477423&gjid=1336421074&_v=j83&z=277576876
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876&slf_rd=1&random=3670191235
42 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876&slf_rd=1&random=3670191235
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:57:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:57:03 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-54337428-1&cid=890925528.1596477423&jid=1152924052&_v=j83&z=277576876&slf_rd=1&random=3670191235
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://app.site123.com

Response headers

date
Wed, 29 Jul 2020 23:10:45 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
413177
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11016
x-xss-protection
0
expires
Thu, 29 Jul 2021 23:10:45 GMT
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400,400i,500,500i,600,600i,700,700i,800,800i&display=swap
Origin
https://app.site123.com

Response headers

date
Wed, 29 Jul 2020 22:18:12 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:58 GMT
server
sffe
age
416330
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11020
x-xss-protection
0
expires
Thu, 29 Jul 2021 22:18:12 GMT
/
www.facebook.com/tr/ 		44 B
377 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1074611005929279&ev=PageView&dl=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&rl=&if=false&ts=1596477423004&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596477423003.1533114797&it=1596477422866&coo=false&rqm=GET
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:57:03 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 03 Aug 2020 17:57:03 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/953208438/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/953208438/?random=1596477423012&cv=9&fst=1596477423012&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&tiba=Domain%20Verification%20-%20SITE123&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d75af00e7d9dfc238948ad4ef7eba8b01f009ac1a4d24f9c539b3e30250263a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:57:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1088
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/953208438/ 		42 B
157 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/953208438/?random=1596477423012&cv=9&fst=1596474000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&tiba=Domain%20Verification%20-%20SITE123&async=1&fmt=3&is_vtc=1&random=3565299849&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:57:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/953208438/ 		42 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/953208438/?random=1596477423012&cv=9&fst=1596474000000&num=1&bg=ffffff&guid=ON&eid=376635471&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa7m1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&tiba=Domain%20Verification%20-%20SITE123&async=1&fmt=3&is_vtc=1&random=3565299849&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: app.site123.com
URL: https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 Aug 2020 17:57:03 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
shim.latest.js
js.intercomcdn.com/
Redirect Chain
  • https://widget.intercom.io/widget/jokji8l9
  • https://js.intercomcdn.com/shim.latest.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
24f8d5b9f63a65ac27906300252e4238b240d02555e872f5d4ff93651ba27501

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:55:49 GMT
content-encoding
gzip
age
75
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
2908
last-modified
Mon, 03 Aug 2020 17:00:32 GMT
server
AmazonS3
etag
"65e1a83743247e7d3f1498be1649d235"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
mrNCAp25eKTjHMxJuq_wKhbH32JHHiMOZcdJKtUdmRDpG5jDvlCfKg==

Redirect headers

date
Mon, 03 Aug 2020 16:59:03 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
server
AmazonS3
age
3481
status
302
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
FRA6-C1
content-length
0
x-amz-cf-id
jmCzOuskFO-eYSugzO--ZzzpxsguUwu0Hfdrbn7YmrFeUr5sgxLyOw==
pixel
bid.g.doubleclick.net/xbbe/ Frame C8FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/pixel?d=KAE
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
bid.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=KAE
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 03 Aug 2020 17:57:03 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure IDE=AHWqTUlXpjoHLLaBnwIYN9jW8AiWRopMH0s8VEjze6fg_hzyz1bnkNBhD7u6cBoB; expires=Wed, 03-Aug-2022 17:57:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 03 Aug 2020 17:57:03 GMT
cache-control
private
frame-modern.b2434170.js
js.intercomcdn.com/ Frame 38CD 		224 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.b2434170.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c8403c04d627ce292c8d6371ec54343ab7228e3c6c084ade2d7574b568afbb6b

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:00:40 GMT
content-encoding
gzip
age
3384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
63328
last-modified
Mon, 03 Aug 2020 16:45:35 GMT
server
AmazonS3
etag
"51d52b3352e55e891abfd5a9b7d83c01"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
5Mcr0CXkiRQK5rUt5dCeULNk678yEg7L_PcnsyWS95vwn2uCKnzGLg==
vendor-modern.5ce628af.js
js.intercomcdn.com/ Frame 38CD 		172 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.5ce628af.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1959d2007b8d3f3ff8ae646dac93b5421c3b62b4c6c0b997472ef3544705ca66

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:20:49 GMT
content-encoding
gzip
age
2175
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
52301
last-modified
Wed, 29 Jul 2020 01:50:07 GMT
server
AmazonS3
etag
"0f2f9ec3295c1f8195eff277af231bdc"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
IeyvsglRBJ1VxdnY5wQmt1CScjvb6lf9DImXoVgwiyJJRoFCYg3uYQ==
ping
api-iam.intercom.io/messenger/web/ Frame 38CD 		14 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
91b3a5d8a817f1890c5656c07b59724ec9b3fb9f62505ad4287499e7dfada3e0
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Aug 2020 17:57:04 GMT
content-encoding
gzip
x-ami-version
ami-02d7fb85f53117800
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0005emj1qhurb34496a0
x-runtime
1.100087
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"91b3a5d8a817f1890c5656c07b59724e"
x-ratelimit-remaining
19992
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.site123.com
x-intercom-version
6ea49109accffdb4d32368707686ef5851701741
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1596477480
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
/
www.facebook.com/tr/ 		44 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1074611005929279&ev=Microdata&dl=https%3A%2F%2Fapp.site123.com%2Fmanager%2Flogin%2FdomainVerify.php%3Funique_domain%3Dwww.safehaventarot.com&rl=&if=false&ts=1596477424507&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Domain%20Verification%20-%20SITE123%22%2C%22meta%3Adescription%22%3A%22Verify%20your%20domain%20name%20with%20SITE123%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.22&r=stable&ec=1&o=30&fbp=fb.1.1596477424507.1679620831&it=1596477422866&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:57:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Mon, 03 Aug 2020 17:57:04 GMT
match
api-iam.intercom.io/messenger/web/rulesets/6182832/ Frame 38CD 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/rulesets/6182832/match
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
0963490149341b4be298f582640043ea19ab41daba49c8d2d9e971d30b298197
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Aug 2020 17:57:12 GMT
content-encoding
gzip
x-ami-version
ami-02d7fb85f53117800
status
200, 200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
0004v3hq8qjrp762r8hg
x-runtime
0.418148
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"0963490149341b4be298f582640043ea"
x-ratelimit-remaining
19981
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.site123.com
x-intercom-version
6ea49109accffdb4d32368707686ef5851701741
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1596477480
x-ratelimit-limit
20000
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
39670300453056
api-iam.intercom.io/messenger/web/conversations/ Frame 38CD 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-iam.intercom.io/messenger/web/conversations/39670300453056
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
0fe018648ff65970077d61a42b3559c9ee06284c1c6574475e96e5fa07e7c5cf
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 03 Aug 2020 17:57:12 GMT
content-encoding
gzip
x-ami-version
ami-02d7fb85f53117800
status
200, 200 OK
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
003er53ilvbk1qnq5ikg
x-runtime
0.081632
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"0fe018648ff65970077d61a42b3559c9"
strict-transport-security
max-age=31556952; includeSubDomains; preload
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://app.site123.com
x-intercom-version
6ea49109accffdb4d32368707686ef5851701741
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
vendors~app-modern.3ecc3a79.js
js.intercomcdn.com/ Frame 38CD 		245 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~app-modern.3ecc3a79.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bce1c6254b02cca6b225f92dfbf9329ecef859e61933846803dc0b56836d1b9a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:08:26 GMT
content-encoding
gzip
age
2927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
76443
last-modified
Tue, 21 Jul 2020 18:25:46 GMT
server
AmazonS3
etag
"d22c2389aed4cb307b312afc5c3df3b6"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
ZhmM3O-ujnXcucI9QUn6FUnJ8ufGO3LOiuzskKipO9t6wq054RH67Q==
app-modern.7ad91128.js
js.intercomcdn.com/ Frame 38CD 		65 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/app-modern.7ad91128.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b19d64599afb9412d3175b560883387bd73b8168a76f874352541cfc410ee93

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:08:26 GMT
content-encoding
gzip
age
2927
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
19250
last-modified
Tue, 21 Jul 2020 16:43:23 GMT
server
AmazonS3
etag
"48dd5e7d6b02efc16dac7dd67800b1e7"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
7kgPUxiMPA493NPcC6kbyqa1dLN-VyCqMbarI9Hy8m25Co_3SFN2sw==
notification.20576730.mp3
js.intercomcdn.com/audio/ Frame 38CD 		22 KB
23 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/audio/notification.20576730.mp3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 03 Aug 2020 17:16:11 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
age
2674
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
206
Content-Length
22813
Content-Range
bytes 0-22812/22813
last-modified
Fri, 17 Jul 2020 15:55:43 GMT
server
AmazonS3
etag
"205767301bc13a45332af776d517aada"
content-type
audio/mpeg
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
Bish3Qh8OXOBS6OsydY8Wbpco-b29bYxZ5TKvIVIhRmoupq1P-rMiw==
vendors~banner~message~messenger-modern.15d59b27.js
js.intercomcdn.com/ Frame 38CD 		78 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~banner~message~messenger-modern.15d59b27.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f06b719f841a872f4b9d70b03d67e94ea4084357f8d81943b65f97324c1df3dd

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:29:32 GMT
content-encoding
gzip
age
1661
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
22653
last-modified
Wed, 29 Jul 2020 01:50:07 GMT
server
AmazonS3
etag
"9f056396e4465151177efac03e8b2e8a"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
OEJS7sCSdGDOC4YnWKvj61l88jWRZUlj3KVU0tbIfVaAbPnvoo3rNA==
vendors~message-modern.ed176a95.js
js.intercomcdn.com/ Frame 38CD 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendors~message-modern.ed176a95.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1ba8c7899e8b9fc1a8378124fa72913f94378466a9b82d00ed1af99eeea32a61

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:45:34 GMT
content-encoding
gzip
age
699
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
9021
last-modified
Fri, 17 Jul 2020 15:55:43 GMT
server
AmazonS3
etag
"156831e31fa8687384923678d8ddef1a"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
p8oS9XWcOUIwWg8MWVBdL_uVkyA5ofQCsihwtRIcKkLMBWR77duAMQ==
banner~message~messenger-modern.0a45c479.js
js.intercomcdn.com/ Frame 38CD 		148 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/banner~message~messenger-modern.0a45c479.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6fed22bad44c62164f38f9ac9e42f111d71b46d09f01b7a9e59215ff07676311

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 16:49:47 GMT
content-encoding
gzip
age
4046
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
36247
last-modified
Thu, 23 Jul 2020 08:25:47 GMT
server
AmazonS3
etag
"b411018a98daf38544517f9c657176e2"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
u0Z3VdnknAZ5L1LcfnNOcYUDyshq9jNdCHDczmcwdUQyX1j6ZvRpww==
message~messenger-modern.eac7bc0e.js
js.intercomcdn.com/ Frame 38CD 		199 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/message~messenger-modern.eac7bc0e.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8b60edb417d3f0fb547f8379c30baabc1c09dc214292dc50053fb050fc8ea59f

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:01:06 GMT
content-encoding
gzip
age
3367
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
51364
last-modified
Mon, 03 Aug 2020 16:45:35 GMT
server
AmazonS3
etag
"fdddec0dfdbc1f3a9b1c33e0d97c5dd3"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
Z4SICQalMwVf0cIEZxGaL8tReWG7LX0Sl-JlQ2SIOdPEEaeantX1gg==
message-modern.727fcf6d.js
js.intercomcdn.com/ Frame 38CD 		91 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/message-modern.727fcf6d.js
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.b2434170.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e060c811e8141859ab083cef807f4887c533c062d1acb76ac90dda92d7c4152c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 17:28:07 GMT
content-encoding
gzip
age
1746
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
24089
last-modified
Tue, 28 Jul 2020 11:10:55 GMT
server
AmazonS3
etag
"a132b131bfb64a4b97915bb5de987cd6"
content-type
application/javascript; charset=UTF-8
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
eBpxY85Ha6Jtppnfd8xn77CppfyiGGkQaf9ulsC-z_-2CKL3YLKAUQ==
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame ABCF 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Mon, 03 Aug 2020 16:42:35 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
age
4478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
28960
last-modified
Fri, 17 Jul 2020 15:55:43 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
vary
Origin
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
1omVC_dXNli2hmqzOtiu_WQrO1QWuv0Rzz3skJqahKXm-YNNUt97Ag==
close.1359f860.png
js.intercomcdn.com/images/ Frame E444 		162 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js.intercomcdn.com/images/close.1359f860.png
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/message~messenger-modern.eac7bc0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e41b8c47f1237da7ed45905069887b18b0e18ffbaabef3598fabb1d72318cb4e

Request headers

Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Mon, 03 Aug 2020 16:42:15 GMT
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)
last-modified
Fri, 17 Jul 2020 15:55:43 GMT
server
AmazonS3
age
4498
etag
"1359f8607960ee7da2046712aec1e2f0"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
content-length
162
x-amz-cf-id
79_dE5BnPOAcBq8Dqc_4apInF-F6oLCfQVZ5cWZSGIBV7mpdTArEHQ==
proximanova-semibold.46e3f047.woff
js.intercomcdn.com/fonts/ Frame E444 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/fonts/proximanova-semibold.46e3f047.woff
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/message~messenger-modern.eac7bc0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Mon, 03 Aug 2020 16:50:58 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
vary
Origin
age
3975
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
content-length
28732
last-modified
Mon, 03 Aug 2020 16:45:36 GMT
server
AmazonS3
etag
"46e3f047b6d568624167376a87e01ebd"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
8kDgaGV5sexUBhFJB752QFiUPDxrwIs3sUSfW60ooWL71vCIcDC1jQ==
proximanova-regular.a7942249.woff
js.intercomcdn.com/fonts/ Frame E444 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/fonts/proximanova-regular.a7942249.woff
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/message~messenger-modern.eac7bc0e.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.86.7.54 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-7-54.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://app.site123.com/manager/login/domainVerify.php?unique_domain=www.safehaventarot.com
Origin
https://app.site123.com

Response headers

date
Mon, 03 Aug 2020 16:42:35 GMT
via
1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
age
4478
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
status
200
access-control-max-age
3000
content-length
28960
last-modified
Fri, 17 Jul 2020 15:55:43 GMT
server
AmazonS3
etag
"a7942249ca925ef356c0f2b1dab17ef3"
vary
Origin
access-control-allow-methods
GET
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
FRA6-C1
accept-ranges
bytes
x-amz-cf-id
X6xmMQnXIa-Za1RR03j5e9b3yz1OTac00aeaiTUbghrJa6jGItQUoA==
Fotolia_113947849_XXL_01-1469538260.jpg
static.intercomassets.com/avatars/380258/square_128/ Frame E444 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.intercomassets.com/avatars/380258/square_128/Fotolia_113947849_XXL_01-1469538260.jpg?1469538260
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.202.24 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-202-24.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8eb742e4838502a3687f62642da6d9dec623af99275edb89c8788c410cffc74a

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 03 Aug 2020 06:18:57 GMT
via
1.1 89cb19c6f2c9ed0983294d3b12e80e43.cloudfront.net (CloudFront)
last-modified
Tue, 26 Jul 2016 13:04:22 GMT
server
AmazonS3
age
41896
etag
"5361dbd3b9c67fa73fd6764ce6230e26"
x-cache
Hit from cloudfront
content-type
image/jpeg
status
200
cache-control
max-age=86400
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
35571
x-amz-cf-id
CvFC3v6_famQ4n950QU5ZCx8pdJO9DK9p_J-vatDdTNRSEm2l627bg==
expires
Wed, 27 Jul 2016 11:20:15 GMT

Verdicts & Comments Add Verdict or Comment

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| dataLayer string| GoogleAnalyticsObject function| ga function| gtag function| fbq function| _fbq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager object| google_optimize function| $ function| jQuery object| jQuery111304040173819767243 object| intercomSettings function| Intercom function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

6 Cookies

Domain/Path Name / Value
.site123.com/ Name: _fbp
Value: fb.1.1596477423003.1533114797
.site123.com/ Name: _gat
Value: 1
.site123.com/ Name: _gid
Value: GA1.2.954651982.1596477423
.site123.com/ Name: _ga
Value: GA1.2.890925528.1596477423
app.site123.com/ Name: AWSALBCORS
Value: 8pCovKpVKJlkWBWTYewWbKlcHHvoeJY2LntmghYp5ZkCncWpt1ccVkqp8I4nhHNR4sPHBo0ueSxpDlfTn5L0mGhegF1SE5RK9MlqtDfMAf9DtVK5mk3D3hKnXEUx
app.site123.com/ Name: AWSALB
Value: 8pCovKpVKJlkWBWTYewWbKlcHHvoeJY2LntmghYp5ZkCncWpt1ccVkqp8I4nhHNR4sPHBo0ueSxpDlfTn5L0mGhegF1SE5RK9MlqtDfMAf9DtVK5mk3D3hKnXEUx

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-iam.intercom.io
app.site123.com
bid.g.doubleclick.net
cdn-cms-s.f-static.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.intercomcdn.com
static.intercomassets.com
stats.g.doubleclick.net
widget.intercom.io
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.safehaventarot.com
143.204.202.24
172.217.23.130
2600:9000:214f:800:12:70d0:9c0:93a1
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:816::2008
2a00:1450:4001:816::200e
2a00:1450:4001:818::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::200a
2a00:1450:400c:c06::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.213.12.15
34.232.5.253
66.102.1.156
75.2.88.188
99.86.7.54
99.86.7.67
0963490149341b4be298f582640043ea19ab41daba49c8d2d9e971d30b298197
0ca16c15a724c4ae125602e026e942ae43e3be2bf65e30688ea6669e7e981e9a
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e6563a609efbf837985e4c598f5f41ef3f32634e60f2abe5e124594f2ea05d0
0fe018648ff65970077d61a42b3559c9ee06284c1c6574475e96e5fa07e7c5cf
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1959d2007b8d3f3ff8ae646dac93b5421c3b62b4c6c0b997472ef3544705ca66
1ba8c7899e8b9fc1a8378124fa72913f94378466a9b82d00ed1af99eeea32a61
21307ab88f6d88959ef6ba3f2c1cbe7418e0dea129c635230c2e4a2b68d45ab4
24f8d5b9f63a65ac27906300252e4238b240d02555e872f5d4ff93651ba27501
28c7196ea405d189723ed76125030ecf0a495d07fefff8e30924df22daea7853
35f2ae71adcde98cd5ad6b05f5bc5b4d50caedc81c115bf4564547740c96dd6a
4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327
5c5bd347f3a38520a15d150351f82815f211c7c3f179c2ef878df898c7fb6a1c
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
6a65db484f9bf79336c466112645894a553c309ed308500231826914b900f3b4
6fed22bad44c62164f38f9ac9e42f111d71b46d09f01b7a9e59215ff07676311
7b19d64599afb9412d3175b560883387bd73b8168a76f874352541cfc410ee93
8b60edb417d3f0fb547f8379c30baabc1c09dc214292dc50053fb050fc8ea59f
8eb742e4838502a3687f62642da6d9dec623af99275edb89c8788c410cffc74a
91b3a5d8a817f1890c5656c07b59724ec9b3fb9f62505ad4287499e7dfada3e0
9a4f797cc141bbd16a3341cf3f4f482f0ecd00e14c206cbd2f77c5ca7bc9e704
ad1e595d26035487333f48604244ddab94b13bec3e2f4545f13d8dd8a3ecba20
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
bce1c6254b02cca6b225f92dfbf9329ecef859e61933846803dc0b56836d1b9a
c4700337a1e03e5f65539e61f33b653d3dfee2150bb87ea76eea7cc7e9e6eccb
c8403c04d627ce292c8d6371ec54343ab7228e3c6c084ade2d7574b568afbb6b
d75af00e7d9dfc238948ad4ef7eba8b01f009ac1a4d24f9c539b3e30250263a3
e060c811e8141859ab083cef807f4887c533c062d1acb76ac90dda92d7c4152c
e41b8c47f1237da7ed45905069887b18b0e18ffbaabef3598fabb1d72318cb4e
e9c534f850bdd455372bfade0aa75faed0b403394509ae74110ab2eb2905e3db
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f06b719f841a872f4b9d70b03d67e94ea4084357f8d81943b65f97324c1df3dd
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
fa46ccba0a815358a1807a6e739ae7b834cb44dc6597aee305477bc76274343d
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955