Submitted URL: http://click.ft.money-media.com/?qs=725e3eacda3d2115439d39784e09a6a0cf46ac22d5d43ac96c2d21c385005a0107a73a686c7762db1c9009f21eec...
Effective URL: https://www.safebutler.com/insurance-jokes
Submission: On December 02 via api from US

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 28 HTTP transactions. The main IP is 52.38.82.83, located in Boardman, United States and belongs to AMAZON-02, US. The main domain is www.safebutler.com.
TLS certificate: Issued by Amazon on January 6th 2020. Valid for: a year.
This is the only time www.safebutler.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
7 fonts.gstatic.com www.safebutler.com
4 d2bx2pi9v1nae5.cloudfront.net www.safebutler.com
cdnjs.cloudflare.com
3 www.safebutler.com www.safebutler.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com www.safebutler.com
1 sf16-scmcdn-va.ibytedtos.com analytics.tiktok.com
1 www.google.de www.safebutler.com
1 www.google.com www.safebutler.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net www.google-analytics.com
1 prism.app-us1.com diffuser-cdn.app-us1.com
1 www.googleadservices.com www.googletagmanager.com
1 analytics.tiktok.com www.safebutler.com
1 diffuser-cdn.app-us1.com www.safebutler.com
1 cdnjs.cloudflare.com www.safebutler.com
1 click.ft.money-media.com 1 redirects
28 16

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
www.tiktok.com
Subject Issuer Validity Valid
safebutler.com
Amazon
2020-01-06 -
2021-02-06
a year crt.sh
*.gstatic.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.cloudfront.net
DigiCert Global CA G2
2020-05-26 -
2021-04-21
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2020-10-21 -
2021-10-20
a year crt.sh
*.tiktok.com
RapidSSL RSA CA 2018
2019-11-14 -
2022-01-12
2 years crt.sh
www.googleadservices.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.com
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
www.google.de
GTS CA 1O1
2020-11-03 -
2021-01-26
3 months crt.sh
*.ibytedtos.com
RapidSSL RSA CA 2018
2020-02-07 -
2022-04-07
2 years crt.sh

This page contains 1 frames:

Primary Page: https://www.safebutler.com/insurance-jokes
Frame ID: 970CFA59B8E1F0617C7D67013D2E7BF5
Requests: 29 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://click.ft.money-media.com/?qs=725e3eacda3d2115439d39784e09a6a0cf46ac22d5d43ac96c2d21c385005a0107a73a68... HTTP 302
    https://www.safebutler.com/insurance-jokes Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

28
Requests

100 %
HTTPS

69 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

407 kB
Transfer

1077 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.ft.money-media.com/?qs=725e3eacda3d2115439d39784e09a6a0cf46ac22d5d43ac96c2d21c385005a0107a73a686c7762db1c9009f21eec1de19f3c81383481240d HTTP 302
    https://www.safebutler.com/insurance-jokes Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request insurance-jokes
www.safebutler.com/
Redirect Chain
  • http://click.ft.money-media.com/?qs=725e3eacda3d2115439d39784e09a6a0cf46ac22d5d43ac96c2d21c385005a0107a73a686c7762db1c9009f21eec1de19f3c81383481240d
  • https://www.safebutler.com/insurance-jokes
68 KB
11 KB
Document
General
Full URL
https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.82.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-82-83.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
f9975bb869abf110eaafc66f01ee6b56646586e34d715c9b076308a3e00c4ace
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.safebutler.com
:scheme
https
:path
/insurance-jokes
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-type
text/html; charset=utf-8
server
nginx/1.15.12
vary
Accept-Encoding Cookie
x-frame-options
DENY
x-content-type-options
nosniff
set-cookie
sessionid=ezrpwzfr4rwviolqtr3nahqym1ersyr1; Domain=.safebutler.com; expires=Wed, 16 Dec 2020 13:13:14 GMT; HttpOnly; Max-Age=1209600; Path=/; SameSite=Lax
content-encoding
gzip

Redirect headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Location
https://www.safebutler.com/insurance-jokes
Date
Wed, 02 Dec 2020 13:13:13 GMT
Connection
close
Content-Length
159
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 08:25:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
103646
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Wed, 01 Dec 2021 08:25:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 02:57:51 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
123323
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Wed, 01 Dec 2021 02:57:51 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 01:49:56 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
127398
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Wed, 01 Dec 2021 01:49:56 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:20:37 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
525157
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:20:37 GMT
common-72c62f02e734640822cb.css
www.safebutler.com/static/bundles/
125 KB
26 KB
Stylesheet
General
Full URL
https://www.safebutler.com/static/bundles/common-72c62f02e734640822cb.css
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.82.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-82-83.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
6e845f549445df78377bedc2e022bb727eec722d5ea86b357c53e8053d08c599

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 03:06:57 GMT
server
nginx/1.15.12
etag
W/"5fc704d1-1f38f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000, public
expires
Thu, 02 Dec 2021 13:13:14 GMT
js
www.googletagmanager.com/gtag/
96 KB
38 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-839896625
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
19d114248fcffa9593afad87d411acfd984d6701a79f21c57ab1d7365270f6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38704
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Dec 2020 13:13:14 GMT
SAFEBUTLER.svg
d2bx2pi9v1nae5.cloudfront.net/common/images/
3 KB
2 KB
Image
General
Full URL
https://d2bx2pi9v1nae5.cloudfront.net/common/images/SAFEBUTLER.svg
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8a00:17:2b48:5740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7498d6b6917902c7105bde64c2b3dad150571c34910a0a29b101595d4ada3363

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 07:06:45 GMT
content-encoding
gzip
last-modified
Thu, 12 Nov 2020 05:37:30 GMT
server
AmazonS3
age
1663589
etag
W/"e313d5fb20f9aac3e03b4ed025c0a818"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
RpKzIpUBdbNBVrw0vIDoXtKmFIUgGVn4sZ5KHsZ_kxZ2uwQjM4b0wA==
lottie.min.js
cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.4/
256 KB
54 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.4/lottie.min.js
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2764
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
54959
cf-request-id
06c52efd8a000005dc8485b000000001
timing-allow-origin
*
last-modified
Mon, 02 Nov 2020 04:51:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f9f9048-3ff8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dfQiy7ceqjiO%2FOkvIPdrswEHEvzH9QhnqDE%2BNEExOTTIin4GFJYiCnFCdFe1jzkcl%2BK5rQCp8NQAVOY3Tt2kV02WRoJq1SrtHdqj%2B3V8QfNl2ZDazn67X9N82rm851BUOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fb54ddc0c9b05dc-FRA
expires
Mon, 22 Nov 2021 13:13:14 GMT
libs-10312020.js
d2bx2pi9v1nae5.cloudfront.net/common/js/
94 KB
34 KB
Script
General
Full URL
https://d2bx2pi9v1nae5.cloudfront.net/common/js/libs-10312020.js
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8a00:17:2b48:5740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c57f3a0b2e698b8294b3f196246d474e013a78a62e1f3aeae443ccc86a6409b

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 01 Nov 2020 02:54:00 GMT
content-encoding
gzip
last-modified
Sat, 31 Oct 2020 18:49:17 GMT
server
AmazonS3
age
2715555
etag
W/"8c819dcc0ca011dca234036c7c0756ca"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
xX-hFodfVmw7z1CVHOOv--sFPhKzYmekAMc3FEr_0_4RvZ8srEAe4g==
frontend-72c62f02e734640822cb.js
www.safebutler.com/static/bundles/
3 KB
1 KB
Script
General
Full URL
https://www.safebutler.com/static/bundles/frontend-72c62f02e734640822cb.js
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.82.83 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-82-83.us-west-2.compute.amazonaws.com
Software
nginx/1.15.12 /
Resource Hash
e08895c9c83ebb44e177e8f3c1d3a8580f83b32aedc7c2feaac5543727d79556

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 03:06:57 GMT
server
nginx/1.15.12
etag
W/"5fc704d1-b8b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Thu, 02 Dec 2021 13:13:14 GMT
gtm.js
www.googletagmanager.com/
75 KB
30 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KG4ZVK
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1b0d55549509ab9e75953ab4d57a7a0714f7893e39272a4e68a3694679203032
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30587
x-xss-protection
0
last-modified
Wed, 02 Dec 2020 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 02 Dec 2020 13:13:14 GMT
diffuser.js
diffuser-cdn.app-us1.com/diffuser/
23 KB
6 KB
Script
General
Full URL
https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72058501f83c1ff78df7acc5b97b5be177d66c51cc29dad4dae7ab478ebff070

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:14 GMT
content-encoding
gzip
cf-cache-status
HIT
age
46
x-cache
Hit from cloudfront
cf-request-id
06c52efda10000636b7885b000000001
last-modified
Thu, 03 Sep 2020 15:21:34 GMT
server
cloudflare
etag
W/"72b6f46e57e66ab97fe05eb07b6bdc45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 9128c49d19c76fd86ec4c647434ccb0a.cloudfront.net (CloudFront)
cache-control
public, max-age=300
x-amz-cf-pop
FRA50-C1
cf-ray
5fb54ddc3a8d636b-FRA
x-amz-cf-id
T8a0PbLHQhGrj3Z-GBYyrUuPWU4fHZL2KcLR5sdW0IxcpUpvut-v9g==
truncated
/
221 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b81d0b1f3fbc4272d87c2d04487966f036c073c635acfed191f88573dc6fc2c

Request headers

Referer
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/svg+xml
0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
fonts.gstatic.com/s/lora/v16/
19 KB
19 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v16/0QI6MX1D_JOuGQbT0gvTJPa787wsuxJBkq0.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cf9589cfb99ad79a9db976d2da8c0ff34ce22d1671bad6a3ce0290ce8d8369b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 09:19:38 GMT
x-content-type-options
nosniff
last-modified
Fri, 26 Jun 2020 02:48:31 GMT
server
sffe
age
532416
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19060
x-xss-protection
0
expires
Fri, 26 Nov 2021 09:19:38 GMT
0QIgMX1D_JOuO7HeNtxumg.woff2
fonts.gstatic.com/s/lora/v14/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v14/0QIgMX1D_JOuO7HeNtxumg.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3de92dc557a7dc56e65a281f5d38c4a63eecd6faca350d4a5d1c5a8d89fbfc6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 10:14:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:22:49 GMT
server
sffe
age
10738
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25588
x-xss-protection
0
expires
Thu, 02 Dec 2021 10:14:16 GMT
0QIvMX1D_JOuMwr7Iw.woff2
fonts.gstatic.com/s/lora/v14/
24 KB
24 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lora/v14/0QIvMX1D_JOuMwr7Iw.woff2
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b8d471fd55fbf29d033dd130913a60f9137ec4a36c02d251a879d0630e0ba84c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.safebutler.com
Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 12:37:10 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:21:56 GMT
server
sffe
age
174964
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24552
x-xss-protection
0
expires
Tue, 30 Nov 2021 12:37:10 GMT
laugh_female.svg
d2bx2pi9v1nae5.cloudfront.net/common/images/
38 KB
12 KB
Image
General
Full URL
https://d2bx2pi9v1nae5.cloudfront.net/common/images/laugh_female.svg
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8a00:17:2b48:5740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78e30836b46ea23d1eecb0da89c633c60a8c890e6f59bc694355d84e6e048b9

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 17:12:31 GMT
content-encoding
gzip
last-modified
Wed, 29 Jan 2020 01:34:18 GMT
server
AmazonS3
age
158444
etag
W/"f52941210c96d3f041a94a3d216883af"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/svg+xml
via
1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
0-VFPjYT-Z1itklehWYD2tgxpSOCO6AtvKXSNbwX-Boe3pWjRmO66w==
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KG4ZVK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
5033
date
Wed, 02 Dec 2020 11:49:21 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Wed, 02 Dec 2020 13:49:21 GMT
sdk.js
analytics.tiktok.com/i18n/pixel/
56 KB
20 KB
Script
General
Full URL
https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUS9Q20NLODTCTVSCTG0
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.152 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-152.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
b2e22002c1033fdab456812a83ab9f62534ed779024b578b39bb6979e84b1ff1

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Akamai-Request-ID
ecb9c611.8542fff2
Date
Wed, 02 Dec 2020 13:13:15 GMT
Content-Encoding
gzip
Upstream-Caught
1606914795164096
Transfer-Encoding
chunked
X-Cache
TCP_MISS from a2-16-186-148.deploy.akamaitechnologies.com (AkamaiGHost/10.2.2.1-31386017) (-)
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
X-Parent-Response-Time
173,2.16.186.148
server-timing
cdn-cache; desc=MISS, edge; dur=169, origin; dur=5, inner; dur=0
Cache-Control
max-age=0, no-cache, no-store
Server
nginx
Pragma
no-cache
X-Cache-Remote
TCP_MISS from a23-200-218-85.deploy.akamaitechnologies.com (AkamaiGHost/10.2.2.1-31386017) (-)
X-Tt-Logid
20201202131315010115176156142E9D47
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Connection
keep-alive, Transfer-Encoding
X-Origin-Response-Time
5,23.200.218.85
Expires
Wed, 02 Dec 2020 13:13:15 GMT
conversion_async.js
www.googleadservices.com/pagead/
30 KB
12 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-839896625
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s16-in-f34.1e100.net
Software
cafe /
Resource Hash
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
11761
x-xss-protection
0
server
cafe
etag
8854462785499610041
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 02 Dec 2020 13:13:15 GMT
/
prism.app-us1.com/
0
341 B
Script
General
Full URL
https://prism.app-us1.com/?a=90223204&u=https%3A%2F%2Fwww.safebutler.com%2Finsurance-jokes
Requested by
Host: diffuser-cdn.app-us1.com
URL: https://diffuser-cdn.app-us1.com/diffuser/diffuser.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:915b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 13:13:15 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
PHP/7.2.34
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
application/javascript
cache-control
no-cache, private
cf-ray
5fb54ddccadb636b-FRA
content-length
0
cf-request-id
06c52efdff0000636bb0a2c000000001
collect
www.google-analytics.com/j/
2 B
68 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=341258475&t=pageview&_s=1&dl=https%3A%2F%2Fwww.safebutler.com%2Finsurance-jokes&ul=en-us&de=UTF-8&dt=Insurance%20Jokes%20-%20SafeButler&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1345533027&gjid=375088548&cid=436954103.1606914795&tid=UA-96126099-1&_gid=2077282862.1606914795&_r=1&gtm=2wgb415KG4ZVK&z=1203709207
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 13:13:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.safebutler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
87 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-96126099-1&cid=436954103.1606914795&jid=1345533027&gjid=375088548&_gid=2077282862.1606914795&_u=YEBAAAAAAAAAAC~&z=1532010298
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 02 Dec 2020 13:13:15 GMT
content-type
text/plain
access-control-allow-origin
https://www.safebutler.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/839896625/
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/839896625/?random=1606914795062&cv=9&fst=1606914795062&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.safebutler.com%2Finsurance-jokes&tiba=Insurance%20Jokes%20-%20SafeButler&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbe1533adcd46432ad2e6f367f945c9a482a30f0364060f0cefa015035a71bed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 13:13:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
1038
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/839896625/
42 B
108 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/839896625/?random=1606914795062&cv=9&fst=1606914000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.safebutler.com%2Finsurance-jokes&tiba=Insurance%20Jokes%20-%20SafeButler&async=1&fmt=3&is_vtc=1&random=3015605636&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 13:13:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/839896625/
42 B
108 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/839896625/?random=1606914795062&cv=9&fst=1606914000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oab41&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.safebutler.com%2Finsurance-jokes&tiba=Insurance%20Jokes%20-%20SafeButler&async=1&fmt=3&is_vtc=1&random=3015605636&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.safebutler.com
URL: https://www.safebutler.com/insurance-jokes
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 02 Dec 2020 13:13:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track-log.js
sf16-scmcdn-va.ibytedtos.com/goofy/track-log-international/ad/business/v4.1/
22 KB
9 KB
Script
General
Full URL
https://sf16-scmcdn-va.ibytedtos.com/goofy/track-log-international/ad/business/v4.1/track-log.js
Requested by
Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/sdk.js?sdkid=BUS9Q20NLODTCTVSCTG0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.104 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-104.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
bdff958aa03be87cbc99d35179102b862a2a477b80919808bad0711cdc30e4ff

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-akamai-request-id
a33256c
date
Wed, 02 Dec 2020 13:13:15 GMT
content-encoding
gzip
vary
Accept-Encoding
x-expires-ms
1605860634610
content-md5
x7aaDRIkb7Cdh1W5w4dPNg==
x-cache
TCP_MEM_HIT from a2-16-186-100.deploy.akamaitechnologies.com (AkamaiGHost/10.2.0.2-31441410) (-)
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
x-bdcdn-cache-status
TCP_HIT
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=0
content-length
7936
x-tos-request-id
525bc3b733742a1b-abc21c4
x-tos-response-time
Fri, 20 Nov 2020 03:09:40 GMT
last-modified
Mon, 02 Nov 2020 02:57:49 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
x-check-cacheable
YES
cache-control
max-age=1518967
access-control-allow-credentials
false
x-tt-trace-host
01b0d55b7fa5ebcbbb973018a1d028d642308ecc27edb155c630603417a442c3d0b89fe17debf0a498da812d6890e36a7dd7429cfd051aba35b0856fa8ddc29a3df235f4316b59ba783ccd1a444b3e9e45a7bf4d4cc74f2d92efa5cbab13341dc93f6d532313963c90ccd895a23142bf35
access-control-allow-headers
*
smile-butler.json
d2bx2pi9v1nae5.cloudfront.net/common/images/lottie/
10 KB
3 KB
XHR
General
Full URL
https://d2bx2pi9v1nae5.cloudfront.net/common/images/lottie/smile-butler.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/bodymovin/5.7.4/lottie.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8a00:17:2b48:5740:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c5bdad45cd40b7afdc2377de57264b3f1ef09a796d63ed74a6af82d84c769e2d

Request headers

Referer
https://www.safebutler.com/insurance-jokes
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Fri, 13 Nov 2020 21:11:53 GMT
content-encoding
gzip
last-modified
Fri, 13 Nov 2020 02:30:41 GMT
server
AmazonS3
age
1612883
etag
W/"3beda72b0dbd3eae91e38e841c8240ec"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=31536000
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
9rKJeeVOKNEn5QiqRdm5L92CoNVMINGXqJyjg-fniOyAsgxdyAQyGA==
via
1.1 a7dcca466407f1871feceef50bc84272.cloudfront.net (CloudFront)

Verdicts & Comments Add Verdict or Comment

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| dataLayer string| visitorGlobalObjectAlias function| vgo function| gtag function| $ function| jQuery object| lazySizes object| lottie object| bodymovin object| google_tag_manager string| prismGlobalObjectAlias object| visitorGlobalObject object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO boolean| _tt_config object| _taq function| TiktokJelly object| _jelly_sdks object| jelly object| _tt_track function| md5 object| VENDOR_PREFIXES

4 Cookies

Domain/Path Name / Value
.safebutler.com/ Name: _gat_UA-96126099-1
Value: 1
.safebutler.com/ Name: _ga
Value: GA1.2.436954103.1606914795
.safebutler.com/ Name: _gid
Value: GA1.2.2077282862.1606914795
.safebutler.com/ Name: sessionid
Value: ezrpwzfr4rwviolqtr3nahqym1ersyr1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
cdnjs.cloudflare.com
click.ft.money-media.com
d2bx2pi9v1nae5.cloudfront.net
diffuser-cdn.app-us1.com
fonts.gstatic.com
googleads.g.doubleclick.net
prism.app-us1.com
sf16-scmcdn-va.ibytedtos.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.safebutler.com
172.217.22.34
2.16.186.104
2.16.186.152
2600:9000:2057:8a00:17:2b48:5740:21
2606:4700::6810:135e
2606:4700::6811:915b
2a00:1450:4001:801::2002
2a00:1450:4001:802::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2003
2a00:1450:4001:819::2003
2a00:1450:4001:81a::2003
2a00:1450:400c:c0c::9c
52.38.82.83
66.231.91.47
19d114248fcffa9593afad87d411acfd984d6701a79f21c57ab1d7365270f6dc
1b0d55549509ab9e75953ab4d57a7a0714f7893e39272a4e68a3694679203032
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2e27b9cf011c3d5b006906bed6b2b64fbf0b82b2d4821f21dfdf00291c8c07be
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
3c57f3a0b2e698b8294b3f196246d474e013a78a62e1f3aeae443ccc86a6409b
3de92dc557a7dc56e65a281f5d38c4a63eecd6faca350d4a5d1c5a8d89fbfc6c
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
4b81d0b1f3fbc4272d87c2d04487966f036c073c635acfed191f88573dc6fc2c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e845f549445df78377bedc2e022bb727eec722d5ea86b357c53e8053d08c599
72058501f83c1ff78df7acc5b97b5be177d66c51cc29dad4dae7ab478ebff070
7498d6b6917902c7105bde64c2b3dad150571c34910a0a29b101595d4ada3363
a78e30836b46ea23d1eecb0da89c633c60a8c890e6f59bc694355d84e6e048b9
b2e22002c1033fdab456812a83ab9f62534ed779024b578b39bb6979e84b1ff1
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b8d471fd55fbf29d033dd130913a60f9137ec4a36c02d251a879d0630e0ba84c
bbe1533adcd46432ad2e6f367f945c9a482a30f0364060f0cefa015035a71bed
bdff958aa03be87cbc99d35179102b862a2a477b80919808bad0711cdc30e4ff
c5bdad45cd40b7afdc2377de57264b3f1ef09a796d63ed74a6af82d84c769e2d
cf9589cfb99ad79a9db976d2da8c0ff34ce22d1671bad6a3ce0290ce8d8369b7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08895c9c83ebb44e177e8f3c1d3a8580f83b32aedc7c2feaac5543727d79556
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f9975bb869abf110eaafc66f01ee6b56646586e34d715c9b076308a3e00c4ace