urlscan.io logo urlscan.io
SecurityTrails logo

go.tim.blog Open in urlscan Pro
3.126.202.50  Public Scan

Go To Rescan Add Verdict Report
URL: https://go.tim.blog/5-bullet-friday-1/
Submission: On July 11 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 4 countries across 15 domains to perform 38 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is go.tim.blog.
TLS certificate: Issued by R3 on June 27th 2023. Valid for: 3 months.
This is the only time go.tim.blog was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 3.126.202.50 16509 (AMAZON-02)
2 108.156.2.50 16509 (AMAZON-02)
2 2600:9000:211... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
3 2a00:1450:400... 15169 (GOOGLE)
1 18.66.97.10 16509 (AMAZON-02)
1 13.249.9.253 16509 (AMAZON-02)
4 52.222.250.38 16509 (AMAZON-02)
6 99.86.159.92 16509 (AMAZON-02)
1 3.224.54.209 14618 (AMAZON-AES)
1 18.164.52.73 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 35.190.43.134 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 18.66.112.79 16509 (AMAZON-02)
2 2a03:2880:f17... 32934 (FACEBOOK)
2 2606:4700::68... 13335 (CLOUDFLAR...)
38 19
2    3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
go.tim.blog
2    108.156.2.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-2-50.mxp63.r.cloudfront.net
builder-assets.unbounce.com
2    2600:9000:2113:2400:b:3165:13c0:21 (United States)

ASN16509 (AMAZON-02, US)
d1wbjksx0xxdn3.cloudfront.net
1    2606:4700::6811:45c3 (United States)

ASN13335 (CLOUDFLARENET, US)
timferriss.ck.page
2    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    18.66.97.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-10.fra56.r.cloudfront.net
static.hotjar.com
1    13.249.9.253 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-9-253.cdg53.r.cloudfront.net
sc-static.net
4    52.222.250.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-38.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
6    99.86.159.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-159-92.mxp64.r.cloudfront.net
fonts.ub-assets.com
1    3.224.54.209 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-54-209.compute-1.amazonaws.com
events.ub-analytics.com
1    18.164.52.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-73.cdg50.r.cloudfront.net
script.hotjar.com
1    2606:4700::6812:ba39 (United States)

ASN13335 (CLOUDFLARENET, US)
f.convertkit.com
5    35.190.43.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.43.190.35.bc.googleusercontent.com
tr.snapchat.com
1    2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
vc.hotjar.io
2    2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    2606:4700::6812:c039 (United States)

ASN13335 (CLOUDFLARENET, US)
app.convertkit.com
Apex Domain
Subdomains		 Transfer
6 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 24718
144 KB
6 cloudfront.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
84 KB
5 snapchat.com
tr.snapchat.com — Cisco Umbrella Rank: 896
1 KB
3 convertkit.com
f.convertkit.com — Cisco Umbrella Rank: 16640
app.convertkit.com — Cisco Umbrella Rank: 17686
17 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 63
21 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
239 B
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 753
script.hotjar.com — Cisco Umbrella Rank: 1081
73 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 173
155 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 20443
37 KB
2 tim.blog
go.tim.blog
8 KB
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2696
257 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
343 B
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 28135
282 B
1 sc-static.net
sc-static.net — Cisco Umbrella Rank: 1047
16 KB
1 ck.page
timferriss.ck.page
8 KB
38 15
Domain Requested by
6 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
5 tr.snapchat.com sc-static.net
4 d9hhrg4mnvzow.cloudfront.net go.tim.blog
3 www.google-analytics.com go.tim.blog
www.google-analytics.com
2 app.convertkit.com f.convertkit.com
2 www.facebook.com go.tim.blog
2 connect.facebook.net go.tim.blog
connect.facebook.net
2 d1wbjksx0xxdn3.cloudfront.net go.tim.blog
d1wbjksx0xxdn3.cloudfront.net
2 builder-assets.unbounce.com go.tim.blog
2 go.tim.blog 1 redirects
1 vc.hotjar.io script.hotjar.com
1 stats.g.doubleclick.net www.google-analytics.com
1 f.convertkit.com timferriss.ck.page
1 script.hotjar.com static.hotjar.com
1 events.ub-analytics.com go.tim.blog
1 sc-static.net go.tim.blog
1 static.hotjar.com go.tim.blog
1 timferriss.ck.page go.tim.blog
38 18

This site contains no links.

Subject Issuer Validity Valid
go.tim.blog
R3		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-02-07		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-11 -
2024-04-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-04-20 -
2023-07-19		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
sc-static.net
Amazon RSA 2048 M02		 2023-01-20 -
2024-02-18		 a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
*.ub-analytics.com
Amazon RSA 2048 M01		 2023-03-11 -
2024-04-08		 a year crt.sh
convertkit.com
Cloudflare Inc ECC CA-3		 2023-04-08 -
2024-04-07		 a year crt.sh
*.snap.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-04-13 -
2024-04-12		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-06-19 -
2023-09-11		 3 months crt.sh
*.hotjar.io
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh

This page contains 2 frames:

Primary Page: https://go.tim.blog/5-bullet-friday-1/
Frame ID: 37F98951AC6A960BDF45CF96068BCBEC
Requests: 36 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=8b916c7e-dade-4c41-a79b-9fbf5a83f425&u_scsid=1b8f6d5e-02c8-4949-8624-bbd3b2406aba&u_sclid=e071a32b-d71b-43dc-975c-77f565807fe8
Frame ID: E3B683F6ACEA93A7BEAAB055EA0962C5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

"5-Bullet Friday" email newsletter by Tim Ferriss

Page URL History Show full URLs

  1. https://go.tim.blog/5-bullet-friday-1 HTTP 301
    https://go.tim.blog/5-bullet-friday-1/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Page Statistics

38
Requests

97 %
HTTPS

44 %
IPv6

15
Domains

18
Subdomains

19
IPs

4
Countries

565 kB
Transfer

1461 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://go.tim.blog/5-bullet-friday-1 HTTP 301
    https://go.tim.blog/5-bullet-friday-1/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
go.tim.blog/5-bullet-friday-1/
Redirect Chain
  • https://go.tim.blog/5-bullet-friday-1
  • https://go.tim.blog/5-bullet-friday-1/
24 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.tim.blog/5-bullet-friday-1/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
b74888954017e0f1724e996beec3ae69ac59d0a3f0d02ff889d490ff232049ac

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

content-encoding
gzip
content-length
6821
content-location
https://go.tim.blog/5-bullet-friday-1/
content-type
text/html; charset=utf-8
date
Tue, 11 Jul 2023 17:00:08 GMT
etag
"f:20be3ae638ae4609b50e3d3b2d2b52ff"
link
<https://go.tim.blog/5-bullet-friday-1/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
7b8db668-99d9-4a7b-971d-30f3a9bafd42
x-unbounce-variant
f
x-unbounce-visitorid
20be3ae6-38ae-4609-b50e-3d3b2d2b52ff

Redirect headers

content-length
0
date
Tue, 11 Jul 2023 17:00:08 GMT
location
/5-bullet-friday-1/
x-proxy-backend
page-server
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-50.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 21 May 2023 01:02:31 GMT
content-encoding
gzip
via
1.1 23ea8dc311a7b843ed4a61e32540932c.cloudfront.net (CloudFront)
x-amz-version-id
Hi0GplZUCMAlUo2d3AkAvO_Jy02q1fIj
x-amz-cf-pop
MXP63-P4
age
4463858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Mon, 13 Mar 2023 16:18:47 GMT
server
AmazonS3
etag
"15295835030f315ea1ec0147abd5ea63"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
qVsHQkOzIpa0_fnrf76joIjJp2rk93oTyUjr0tRvjegaBtyp5s4t1g==
ub.js
d1wbjksx0xxdn3.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2113:2400:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:24:22 GMT
content-encoding
gzip
via
1.1 eb5fe9d69ffd00b7ccc577386e425568.cloudfront.net (CloudFront)
x-amz-version-id
DrDbRvFA9mO1umKMKkGWhgl31YCzXh7a
x-amz-cf-pop
CDG3-C1
age
1294547
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
1864
last-modified
Mon, 26 Jun 2023 16:59:10 GMT
server
AmazonS3
etag
"118cee1e64f6b283233c55aee7da10da"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
Bdspjd7ZC0nJqBOdQURoqroLop1OAOMfRa-AWnwLfyAdnTUb2zt6Hw==
index.js
timferriss.ck.page/7342c5a0fc/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://timferriss.ck.page/7342c5a0fc/index.js
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:45c3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd7925aab125f957d77d2106ded12db4d456697f3acb98bbc1d65ddccdf41431

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
content-encoding
br
cf-cache-status
REVALIDATED
cf-bgj
minify
last-modified
Fri, 28 Apr 2023 21:40:47 GMT
server
cloudflare
cf-polished
origSize=36455
etag
W/"ab03a6e353540d0b885ce90de22e2d53"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
cf-ray
7e5299db9d414c88-HEL
main.bundle-85a7477.z.js
builder-assets.unbounce.com/published-js/ 		104 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.2.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-2-50.mxp63.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 27 Feb 2023 19:49:55 GMT
content-encoding
gzip
via
1.1 23ea8dc311a7b843ed4a61e32540932c.cloudfront.net (CloudFront)
x-amz-version-id
TbQKLyFxqupjak3Mea65SB0HvILXqPo2
x-amz-cf-pop
MXP63-P4
age
11567414
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
33747
last-modified
Mon, 27 Feb 2023 19:12:56 GMT
server
AmazonS3
etag
"b4081a636463cc60b1faf49e579e8cb9"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
usmWJmPso8lCtXVNm5xe2_BKEURn3Ix41SGi_COo3DATw07HyL-UhA==
fbevents.js
connect.facebook.net/en_US/ 		171 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 17:00:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
46863
x-xss-protection
0
pragma
public
x-fb-debug
K6X5fyJmrhd8B47F27PuKqTURifjucxPgfj0dcdyHzXMuWxMj11LXs49sd1BA9+jtlJ819bRS9gzWZdxa6BkSA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 11 Jul 2023 16:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1489
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 11 Jul 2023 18:35:19 GMT
hotjar-190217.js
static.hotjar.com/c/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-190217.js?sv=5
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-10.fra56.r.cloudfront.net
Software
/
Resource Hash
97a6fb9c21f49c30f7f51fe4ed3ff168faa937aa82e549746267d8e2d25fccd5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:08 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
etag
W/b5be92a101090fb5b57e24794d14dd05
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
L9FFOtt8AjaU6Mtnxhqk2aeLJpWEfuXAvAQgz8yEnxp4xCpQTCaHJg==
scevent.min.js
sc-static.net/ 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.9.253 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-9-253.cdg53.r.cloudfront.net
Software
CloudFront /
Resource Hash
ea2ca9888a45e1c5def3ccaf9f51f25832f15b08ebe4834ae7622f76d6e7ebe8

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:08 GMT
content-encoding
gzip
via
1.1 6c980dcb60a714b7de2e5b65761a4940.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
CDG53-C1
x-cache
Miss from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
15993
x-amz-cf-id
Y_zenH1OlbgX6pVhguK39uZ5hMEsUpRL2fpJzt7Wly5pMWgN-2Wdkg==
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Type
image/gif
a10c3740-5bf-desktop-v2_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/ 		511 B
904 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/a10c3740-5bf-desktop-v2_1000000000000000000028.png
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c15b041ef6c4a174289dd468638827242a0068cb04910d256eaf8244b08ef3f6

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sun, 22 Jan 2023 01:13:39 GMT
x-amz-version-id
VrUNCPx7K8tUhhiWMAtqO3Cfl38iunYB
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 14:01:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14744790
etag
"76365a9b58d48581e31afa894b56ccff"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
511
x-amz-cf-id
bOHrJPdNDc88mSAmO0tSpuFDE0Ye8QL8rzbw8aXwaTrgFmCZ_MJ9Dg==
4605e573-5bf-desktop-background_1000000000000000000028.png
d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/ 		512 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/4605e573-5bf-desktop-background_1000000000000000000028.png
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3bd498ae7c8cdae6ff56559cbd7be1a8e1b8bcde7c682f1cec89f971cec3d4be

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 21 Jan 2023 00:51:58 GMT
x-amz-version-id
B0u6zdkejfl.BMgbXNRwwvUie8TVbQEV
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 14:01:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
14832490
etag
"8459e3ec6c15b74fac06cc48418d4de3"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
512
x-amz-cf-id
EQX0UTCPg1no9dNHWxgz6JrLaeAlrFJE64x3_gvzjrqzMdPwZaR3aQ==
sp-2.14.0.js
d1wbjksx0xxdn3.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1wbjksx0xxdn3.cloudfront.net/sp-2.14.0.js
Requested by
Host: d1wbjksx0xxdn3.cloudfront.net
URL: https://d1wbjksx0xxdn3.cloudfront.net/ub.js?1687799037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2113:2400:b:3165:13c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 26 Jun 2023 17:23:53 GMT
content-encoding
gzip
via
1.1 eb5fe9d69ffd00b7ccc577386e425568.cloudfront.net (CloudFront)
x-amz-version-id
0Jz2Bo4sfVFEftEdSoFX9n5OCEdIO6kj
x-amz-cf-pop
CDG3-C1
age
1294576
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
30399
last-modified
Mon, 26 Jun 2023 16:59:50 GMT
server
AmazonS3
etag
"73de733c308b8b5e44d2a6242dc4bd99"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
HjZSwMf13SEBFYc-SQgI3jm1ANbmGqkBszlejKQVpLeMItYcDn24Bg==
dad7c86a-816e-419d-8043-2576ad5470a4
https://go.tim.blog/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://go.tim.blog/dad7c86a-816e-419d-8043-2576ad5470a4
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Length
5523
Content-Type
text/css
css
fonts.ub-assets.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-85a7477.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
1f7d1fa167f1970a2b41ec3ce21182a0894e7cb93d1e521514672dac0de15471
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 13234883000891123bda3fd8d846da9c.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
x-amzn-requestid
025f0647-ac6f-48d3-8f53-70469cc5c227
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
H6KYAEkwIAMFuqA=
content-length
844
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-64ad8a99-60887558568277be28fd3c36
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
fZuAm2cgHwaOHzeTqmoqj0Jl8xI77evW70_-TBY3xM339Yg8qs0x6Q==
d6883d60-socialmedia-timferriss-200114-025_10710e9000000000000028.png
d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/ 		46 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/d6883d60-socialmedia-timferriss-200114-025_10710e9000000000000028.png
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a86cd53acfc7ab5d9b867aa07803bcd2547976ac688e7edc0ee4cc0bc0c33b37

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 10 May 2023 14:54:30 GMT
x-amz-version-id
czukjkFqkapjdf4waTJdTDkN8GoTbR5H
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified
Fri, 28 Apr 2023 22:13:10 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
5364339
etag
"48c80381b4b54eabe7267b8ef0779933"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
47551
x-amz-cf-id
KZbAEqxeDZugp3IPN4oXClYgid3wr9h7LIMe1khRDUfWaGGWv68PWg==
97e64dcc-5bf-logo_102r016000000000000028.png
d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/go.tim.blog/5-bullet-friday-1/97e64dcc-5bf-logo_102r016000000000000028.png
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.250.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-250-38.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad5a593824becd1e0cefc9ee00b39c74332f9cd3158e382a38ac3d1f00698f5a

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 10:45:18 GMT
x-amz-version-id
kasOyxIZ62lbya1nBS1CfcN7gfnTFb2v
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 14:01:33 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
7193691
etag
"b605769d3e9b11fb50452d7242463dea"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2773
x-amz-cf-id
PD4-feEn1MDEU7JP8gr_9YgfMqIR2RZEUFdr6SqXN-VAEeL5Io3mwQ==
i
events.ub-analytics.com/ 		43 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1689094808946&e=pv&url=https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F&page=%225-Bullet%20Friday%22%20email%20newsletter%20by%20Tim%20Ferriss&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=bd73fead-1547-447a-a3a1-63fa4a5b9805&dtm=1689094808944&vp=1600x1200&ds=1600x1200&vid=1&sid=b09f831d-8e3d-4b2f-bf1d-99610d29bc3b&duid=8544b18e-b9f8-4eb3-8b8e-7ad5c713b1fb&uid=20be3ae6-38ae-4609-b50e-3d3b2d2b52ff&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiN2I4ZGI2NjgtOTlkOS00YTdiLTk3MWQtMzBmM2E5YmFmZDQyIiwidmFyaWFudElkIjoiZiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.54.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-54-209.compute-1.amazonaws.com
Software
akka-http/10.2.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
server
akka-http/10.2.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
43
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=935654628&t=pageview&_s=1&dl=https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F&dp=%2F5-bullet-friday-1%2Ff&ul=en-us&de=UTF-8&dt=%225-Bullet%20Friday%22%20email%20newsletter%20by%20Tim%20Ferriss&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1717389530&gjid=1791896950&cid=2031467726.1689094809&tid=UA-77039360-1&_gid=1020334206.1689094809&_r=1&_slc=1&z=2055854271
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://go.tim.blog/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 17:00:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.tim.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
modules.fba0c9b2e1c5e125e170.js
script.hotjar.com/ 		270 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-190217.js?sv=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.52.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-52-73.cdg50.r.cloudfront.net
Software
/
Resource Hash
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Mon, 10 Jul 2023 07:23:07 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 c1b64e986e19699994a84686a601b624.cloudfront.net (CloudFront)
x-amz-cf-pop
CDG50-P4
age
121022
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
70330
last-modified
Mon, 10 Jul 2023 07:22:19 GMT
etag
"0054d18e8d659772b0e915a12ecd8b15"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oMKTkACO31PpLBB9MZRi1lZT1sMpXVn5m6xn5czym_gwxzVUGKnoWg==
ck.6.js
f.convertkit.com/ckjs/ 		59 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.convertkit.com/ckjs/ck.6.js
Requested by
Host: timferriss.ck.page
URL: https://timferriss.ck.page/7342c5a0fc/index.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:ba39 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11fd35891f446e3f8733754fb13944234198319c29c0cbcb3d36e93196a03b8d

Request headers

Referer
https://go.tim.blog/
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date
Tue, 11 Jul 2023 17:00:09 GMT
Content-Encoding
br
CF-Cache-Status
HIT
x-amz-request-id
QYR4NZQCA95FSEPV
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
TpKqrFxWuWz6bHkz1N84mkYD5RcI57ZFOpt5ajRuF/gw8jzLYGc1+nKuNj7jfNcOkuHn3KuN96U=
Last-Modified
Mon, 10 Jul 2023 18:41:58 GMT
Server
cloudflare
ETag
W/"3bc2c1442344444409ca2a1151fa9979"
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
Access-Control-Allow-Methods
GET, HEAD
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://go.tim.blog
Access-Control-Expose-Headers
Access-Control-Allow-Origin, Access-Control-Request-Method, ETag
Cache-Control
public, max-age=14400
Access-Control-Allow-Credentials
true
CF-RAY
7e5299dd9ccc4c82-HEL
Expires
Tue, 11 Jul 2023 21:00:09 GMT
788987874513702
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/788987874513702?v=2.9.111&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f83ff3be17eed5657b9eb53cecc442ac775855de84124cdaa5043e5a27dc8623
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 11 Jul 2023 17:00:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
XawCI707f4aMEtwgOEcb8yZMpSEWUmhXOAzSfgQmy4r3jxTM9eCbDgjW6peVW8PcWCsox5/Rg1uwTsy0VoxsHg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
8b916c7e-dade-4c41-a79b-9fbf5a83f425.js
tr.snapchat.com/config/blog/ 		168 B
453 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/config/blog/8b916c7e-dade-4c41-a79b-9fbf5a83f425.js
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
3f34e5813214e8d46c81b88df1884d368d8a00d82718818d41467d937c9657b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://go.tim.blog/
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 google
server
API Gateway
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://go.tim.blog
x-envoy-upstream-service-time
1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
i
tr.snapchat.com/cm/ Frame E3B6 		0
201 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=8b916c7e-dade-4c41-a79b-9fbf5a83f425&u_scsid=1b8f6d5e-02c8-4949-8624-bbd3b2406aba&u_sclid=e071a32b-d71b-43dc-975c-77f565807fe8
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains

Request headers

Referer
https://go.tim.blog/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language
fi-FI,fi;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Tue, 11 Jul 2023 17:00:09 GMT
server
API Gateway
strict-transport-security
max-age=31536000; includeSubDomains; preload max-age=31536000; includeSubDomains
via
1.1 google
x-envoy-upstream-service-time
0
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-77039360-1&cid=2031467726.1689094809&jid=1717389530&gjid=1791896950&_gid=1020334206.1689094809&_u=IEBAAEAAAAAAACAAI~&z=1805127885
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://go.tim.blog/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 11 Jul 2023 17:00:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://go.tim.blog
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
p
tr.snapchat.com/ 		68 B
342 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://go.tim.blog/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
text/html
access-control-allow-origin
https://go.tim.blog
cache-control
no-cache, no-transform
x-envoy-upstream-service-time
5
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ 		68 B
88 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Requested by
Host: sc-static.net
URL: https://sc-static.net/scevent.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains

Request headers

Referer
https://go.tim.blog/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload, max-age=31536000; includeSubDomains
via
1.1 google
server
API Gateway
content-type
application/json
access-control-allow-origin
https://go.tim.blog
cache-control
no-cache, no-transform
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68
hm
tr.snapchat.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/hm
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.43.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
134.43.190.35.bc.googleusercontent.com
Software
API Gateway /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://go.tim.blog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Authorization,Content-Type,x-grpc-web,X-Snap-Route-Tag,x-cof-user-agent,x-snap-client-user-agent,bitmoji-token,X-Snap-Access-Token
access-control-allow-methods
GET,POST,PUT,DELETE,OPTIONS,PATCH
access-control-allow-origin
https://go.tim.blog
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 11 Jul 2023 17:00:09 GMT
server
API Gateway
via
1.1 google
190217
vc.hotjar.io/sessions/ 		0
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/190217?s=0.25&r=0.02606711633047598
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.fba0c9b2e1c5e125e170.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
Python/3.8 aiohttp/3.8.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 11 Jul 2023 17:00:09 GMT
via
1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront)
server
Python/3.8 aiohttp/3.8.4
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
s1og_O0rSqjBWm1DgCG5WcXagtOzK1qm_n6AJbRLEx7ua3zpXNkYcw==
S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Tue, 16 May 2023 05:31:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23580
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
age
4879697
x-amzn-requestid
93d9b571-b31e-4946-9491-034cc4b456ec
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
FABDVEAIoAMFWoQ=
content-length
23578
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-64631548-20446e00635a2d7c174e8af4
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
vccdXE_WgNmpz1aG-XEpvdEw0dwyjrlQx1qwXe_VQbd3f6UZN8au-Q==
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Sat, 17 Jun 2023 03:20:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
23040
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
age
2122765
x-amzn-requestid
1a888798-29a4-43bc-b35d-c1d44e9e570b
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
GpL2CF5pIAMF2IQ=
content-length
23041
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-648d268c-0efeebee29a4efa52d1ca073
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
rFYinncC--flQt2NejFh1iRdO1YVaRzsg7onrCOtcSQc2XYAIpD6UA==
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
22504
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
age
6022021
x-amzn-requestid
4f676554-5a99-4f9a-9cda-d41b3fd5a3a1
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUcLNGdcIAMFslw=
content-length
22518
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:12:45 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a714-4646b3b76c5600fb1e3965d7
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
9Z5ZYpl3vmeH6kyNrPplQkUg8qnhziorfa4E1EUgUbKCxcX1mUoZLg==
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.ub-assets.com/fonts/s/lato/v24/ 		24 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:25:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
24408
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
age
6021283
x-amzn-requestid
4749b5a4-d74f-4502-89b2-cd1855b61abf
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUd-hHMBIAMFvzg=
content-length
24387
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a9f6-4711124723c49a532c8e1cd7
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
N_hfB9WLWDF4nLLkZ0iAI_0uISP46zuwB3GAIfbaS7ibLde0hiao0w==
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.ub-assets.com/fonts/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.159.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-159-92.mxp64.r.cloudfront.net
Software
/
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.ub-assets.com/css?family=Lato:regular,700,900,italic%7COpen+Sans:regular,700,300
Origin
https://go.tim.blog
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

date
Wed, 03 May 2023 00:09:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
48412
via
1.1 be8ca88bcfbe9f1ac2e2b6bb9e74f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP64-C2
age
6022252
x-amzn-requestid
47a12b93-1e08-4c76-a4d4-39b8f1a20c61
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
EUbnIFoaIAMF50Q=
content-length
48445
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6451a62d-0d83f3f16f57a55b34c17982
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
yGu49DiIVNV3CQOKiqa8Ovh5wfl2giLaMkX0kd06RY9CAI21brrhYA==
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=788987874513702&ev=PageView&dl=https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F&rl=&if=false&ts=1689094809664&sw=1600&sh=1200&v=2.9.111&r=stable&ec=0&o=30&fbp=fb.1.1689094809661.2026144969&cs_est=true&it=1689094809131&coo=false&rqm=GET
Requested by
Host: go.tim.blog
URL: https://go.tim.blog/5-bullet-friday-1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 17:00:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=935654628&t=timing&_s=2&dl=https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F&ul=en-us&de=UTF-8&dt=%225-Bullet%20Friday%22%20email%20newsletter%20by%20Tim%20Ferriss&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1574&pdt=1&dns=0&rrt=199&srt=60&tcp=0&dit=530&clt=530&_gst=515&_gbt=752&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=2031467726.1689094809&tid=UA-77039360-1&_gid=1020334206.1689094809&z=510601968
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 11 Jul 2023 07:08:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
35523
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=788987874513702&ev=Microdata&dl=https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F&rl=&if=false&ts=1689094810169&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5C%225-Bullet%20Friday%5C%22%20email%20newsletter%20by%20Tim%20Ferriss%22%2C%22meta%3Akeywords%22%3A%225-bullet%20friday%2C%20tim%20ferriss%22%2C%22meta%3Adescription%22%3A%22Get%20the%205%20Things%20I%27ve%20Been%20Loving%2C%20Using%2C%20and%20Reading%3A%20Books%2C%20Gadgets%2C%20Hacks%2C%20and%20More.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%225-Bullet%20Friday%20by%20Tim%20Ferriss%20is%20a%20free%20weekly%20newsletter.%20Sign%20up%20here.%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fgo.tim.blog%2F5-bullet-friday-1%2F%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Ftim.blog%2Fwp-content%2Fuploads%2F2021%2F09%2Ftimferrissshoot-191.jpeg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22800%22%2C%22og%3Adescription%22%3A%225-Bullet%20Friday%20by%20Tim%20Ferriss%20is%20a%20free%20weekly%20newsletter.%20Sign%20up%20here.%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.111&r=stable&ec=1&o=30&fbp=fb.1.1689094809661.2026144969&it=1689094809131&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fi-FI,fi;q=0.9
Referer
https://go.tim.blog/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 11 Jul 2023 17:00:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
visit
app.convertkit.com/forms/5097081/ 		7 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://app.convertkit.com/forms/5097081/visit
Requested by
Host: f.convertkit.com
URL: https://f.convertkit.com/ckjs/ck.6.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options ALLOWALL
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
X-CKJS-Version
6
Referer
https://go.tim.blog/
accept-language
fi-FI,fi;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type
application/json

Response headers

Date
Tue, 11 Jul 2023 17:00:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
CF-Cache-Status
DYNAMIC
X-Permitted-Cross-Domain-Policies
none
Connection
keep-alive
Content-Length
7
X-XSS-Protection
1; mode=block
X-Request-Id
ae20d2ff-434e-4b8c-b949-15b086e76feb
X-Runtime
0.012295
Referrer-Policy
strict-origin-when-cross-origin
Server
cloudflare
ETag
W/"aee408847d35e44e99430f0979c3357b"
X-Download-Options
noopen
Vary
Accept, Origin, Accept-Encoding
Access-Control-Allow-Methods
POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
max-age=0, private, must-revalidate
Access-Control-Max-Age
7200
CF-Ray
7e5299ec9d68d902-HEL
X-Frame-Options
ALLOWALL
visit
app.convertkit.com/forms/5097081/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://app.convertkit.com/forms/5097081/visit
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c039 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-ckjs-version
Access-Control-Request-Method
POST
Origin
https://go.tim.blog
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type,x-ckjs-version
Access-Control-Allow-Methods
GET, POST, PUT, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Max-Age
7200
CF-Cache-Status
DYNAMIC
CF-Ray
7e5299eb5b3fd902-HEL
Connection
keep-alive
Content-Length
0
Date
Tue, 11 Jul 2023 17:00:11 GMT
Server
cloudflare
Vary
Accept-Encoding

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| onbeforetoggle object| onscrollend object| ub function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| hj object| _hjSettings function| snaptr object| r object| UnbounceSnowplowNamespace function| ubSnowplow function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| __sv_forms object| CK object| regeneratorRuntime

16 Cookies

Domain/Path Name / Value
go.tim.blog/5-bullet-friday-1/ Name: ubpv
Value: f%2C7b8db668-99d9-4a7b-971d-30f3a9bafd42
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
go.tim.blog/ Name: ubvs
Value: 20be3ae6-38ae-4609-b50e-3d3b2d2b52ff
.tim.blog/ Name: ubvt
Value: v2%7C20be3ae6-38ae-4609-b50e-3d3b2d2b52ff%7C7b8db668-99d9-4a7b-971d-30f3a9bafd42%3Af%3Asingle
.tim.blog/ Name: _ga
Value: GA1.2.2031467726.1689094809
.tim.blog/ Name: _gid
Value: GA1.2.1020334206.1689094809
.tim.blog/ Name: _gat
Value: 1
.tim.blog/ Name: _scid
Value: dca2506d-16a8-4518-8e6b-9c11589c7d08
.tim.blog/ Name: _scid_r
Value: dca2506d-16a8-4518-8e6b-9c11589c7d08
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBgQ0AIAgDsItIYCpu56CJV3C8bVKn8MrwEDbzXFMANvYeXFFXzu5IyjXpav/M6BcpMgAAAA==
.tim.blog/ Name: _hjSessionUser_190217
Value: eyJpZCI6IjViZWNiMDZhLTA0MDQtNTViMS05ZGI5LTM2N2U4MDcwZmU3YyIsImNyZWF0ZWQiOjE2ODkwOTQ4MDk0NjEsImV4aXN0aW5nIjpmYWxzZX0=
.tim.blog/ Name: _hjFirstSeen
Value: 1
.tim.blog/ Name: _hjIncludedInSessionSample_190217
Value: 0
.tim.blog/ Name: _hjSession_190217
Value: eyJpZCI6Ijc5OTAyOGI0LTdmYzAtNDhkYy1iOWE2LWI2Mjk5NGViMmM4NyIsImNyZWF0ZWQiOjE2ODkwOTQ4MDk0NzEsImluU2FtcGxlIjpmYWxzZX0=
.tim.blog/ Name: _hjAbsoluteSessionInProgress
Value: 1
.tim.blog/ Name: _fbp
Value: fb.1.1689094809661.2026144969

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.convertkit.com
builder-assets.unbounce.com
connect.facebook.net
d1wbjksx0xxdn3.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
f.convertkit.com
fonts.ub-assets.com
go.tim.blog
sc-static.net
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
timferriss.ck.page
tr.snapchat.com
vc.hotjar.io
www.facebook.com
www.google-analytics.com
108.156.2.50
13.249.9.253
18.164.52.73
18.66.112.79
18.66.97.10
2600:9000:2113:2400:b:3165:13c0:21
2606:4700::6811:45c3
2606:4700::6812:ba39
2606:4700::6812:c039
2a00:1450:4001:80e::200e
2a00:1450:400c:c0d::9a
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
3.126.202.50
3.224.54.209
35.190.43.134
52.222.250.38
99.86.159.92
08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
11fd35891f446e3f8733754fb13944234198319c29c0cbcb3d36e93196a03b8d
1f7d1fa167f1970a2b41ec3ce21182a0894e7cb93d1e521514672dac0de15471
2da988427b34614d705adbf808e2e61d91f67bf147db9049e34c99b3624171e8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3537c6a36fae2d2132581b7915d51e1ed268ae146f5df18a84def7ed594fbe15
370dbc0a7e85181d81ecf29999a4782fc0fde9621e538b4d17887e2d1af1522d
3bd498ae7c8cdae6ff56559cbd7be1a8e1b8bcde7c682f1cec89f971cec3d4be
3f34e5813214e8d46c81b88df1884d368d8a00d82718818d41467d937c9657b4
4e5a3a4b4858e1659fc13663ba9fc8bd7b5e7ee16a1be8e7f96f36890253db31
4e930b31445643295bfd2cfaeeaba015e08766fd8b7ff3b61db88003ad6720a0
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a747734bc4cf88e192f853e80b6bd25a7976dcea76af998f41c88ed64f6b86
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
97a6fb9c21f49c30f7f51fe4ed3ff168faa937aa82e549746267d8e2d25fccd5
a86cd53acfc7ab5d9b867aa07803bcd2547976ac688e7edc0ee4cc0bc0c33b37
ad5a593824becd1e0cefc9ee00b39c74332f9cd3158e382a38ac3d1f00698f5a
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b74888954017e0f1724e996beec3ae69ac59d0a3f0d02ff889d490ff232049ac
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
c15b041ef6c4a174289dd468638827242a0068cb04910d256eaf8244b08ef3f6
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
dd7925aab125f957d77d2106ded12db4d456697f3acb98bbc1d65ddccdf41431
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2ca9888a45e1c5def3ccaf9f51f25832f15b08ebe4834ae7622f76d6e7ebe8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f83ff3be17eed5657b9eb53cecc442ac775855de84124cdaa5043e5a27dc8623