plus.ongoody.com Open in urlscan Pro
54.91.59.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://plus.ongoody.com/signup
Effective URL:
https://plus.ongoody.com/signup
Submission: On July 27 via manual (July 27th 2021, 9:03:24 am UTC) from PL

Summary HTTP 30 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 30 HTTP transactions. The main IP is 54.91.59.199, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is plus.ongoody.com.
TLS certificate: Issued by R3 on June 13th 2021. Valid for: 3 months.

This is the only time plus.ongoody.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	54.91.59.199 54.91.59.199	14618 (AMAZON-AES) (AMAZON-AES)
2	13.224.112.80 13.224.112.80	16509 (AMAZON-02) (AMAZON-02)
1	54.200.110.219 54.200.110.219	16509 (AMAZON-02) (AMAZON-02)
3	13.224.111.117 13.224.111.117	16509 (AMAZON-02) (AMAZON-02)
11	54.237.133.81 54.237.133.81	14618 (AMAZON-AES) (AMAZON-AES)
2	13.224.111.86 13.224.111.86	16509 (AMAZON-02) (AMAZON-02)
1	52.40.185.72 52.40.185.72	16509 (AMAZON-02) (AMAZON-02)
1	34.120.195.249 34.120.195.249	15169 (GOOGLE) (GOOGLE)
30	8

10 54.91.59.199 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-91-59-199.compute-1.amazonaws.com

plus.ongoody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.112.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-112-80.mad50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.200.110.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-200-110-219.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.111.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-117.mad50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 54.237.133.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com

api.ongoody.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.111.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-111-86.mad50.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.40.185.72 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-40-185-72.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.195.249 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o430500.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	ongoody.com 1 redirects plus.ongoody.com api.ongoody.com	655 KB
4	stripe.com js.stripe.com m.stripe.com	65 KB
2	stripe.network m.stripe.network	20 KB
2	segment.com cdn.segment.com	25 KB
1	sentry.io o430500.ingest.sentry.io	286 B
1	segment.io api.segment.io	143 B
30	6

	Domain	Requested by
11	api.ongoody.com	plus.ongoody.com
10	plus.ongoody.com	1 redirects plus.ongoody.com
3	js.stripe.com	plus.ongoody.com js.stripe.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	cdn.segment.com	plus.ongoody.com cdn.segment.com
1	o430500.ingest.sentry.io	plus.ongoody.com
1	m.stripe.com	m.stripe.network
1	api.segment.io	cdn.segment.com
30	8

This site contains links to these domains. Also see Links.

Domain
www.ongoody.com
goody.helpscoutdocs.com

Subject Issuer	Validity	Valid
plus.ongoody.com R3	`2021-06-13` - `2021-09-11`	3 months	crt.sh
*.segment.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-19` - `2022-08-09`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2021-07-09` - `2021-11-03`	4 months	crt.sh
api.ongoody.com R3	`2021-07-21` - `2021-10-19`	3 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2021-11-03`	4 months	crt.sh
*.ingest.sentry.io R3	`2021-06-26` - `2021-09-24`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://plus.ongoody.com/signup
Frame ID: 691B6F85CDD9161D3043972E482DAAD0
Requests: 20 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
Frame ID: 61D95BB3227C5F6377561269D7D2E592
Requests: 2 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: F6C325A0A0D935C6F76A37E011795B4B
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://plus.ongoody.com/signup HTTP 301
https://plus.ongoody.com/signup Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

script /js\.stripe\.com/i

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /cdn\.segment\.com\/analytics\.js/i

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

1
Countries

764 kB
Transfer

2229 kB
Size

0
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ongoody.com/terms
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.ongoody.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://goody.helpscoutdocs.com/
Title: Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://plus.ongoody.com/signup HTTP 301
https://plus.ongoody.com/signup Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request signup Show response
plus.ongoody.com/
Redirect Chain

http://plus.ongoody.com/signup
https://plus.ongoody.com/signup

4 KB
2 KB

294ms
99ms

Document
text/html

54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dfe3334dfc486436896cfe50bab142b9dfca66ab1b607af1dc31fccba0ec7b3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Host: plus.ongoody.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Server: nginx
Date: Tue, 27 Jul 2021 09:03:04 GMT
Content-Type: text/html; charset=UTF-8
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Transfer-Encoding: chunked
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31557600
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Etag: W/"60ff9280-fce"
Content-Encoding: gzip
Via: 1.1 vegur

Redirect headers

Connection: keep-alive
Server: nginx
Date: Tue, 27 Jul 2021 09:03:04 GMT
Content-Type: text/html
Content-Length: 162
Strict-Transport-Security: max-age=31557600
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Location: https://plus.ongoody.com/signup
Via: 1.1 vegur

GET
H/1.1 200
OK 2.4708a07a.chunk.css
plus.ongoody.com/static/css/ 27 KB
9 KB 101ms
100ms Stylesheet
text/css 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/css/2.4708a07a.chunk.css

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

72d6d91b159bb0a28b1014e9c48c3f99ab16c51a6b43e4d079862527d775f050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: W/"60ff9280-6b92"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31557600
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK main.2137de12.chunk.css
plus.ongoody.com/static/css/ 9 KB
3 KB 201ms
99ms Stylesheet
text/css 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/css/main.2137de12.chunk.css

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

106f96c9d03948778c107be2d7634039b22b498abe62477ebf0e097cff41ea62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: W/"60ff9280-2511"
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 vegur
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31557600
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK 2.18510d2e.chunk.js Show response
plus.ongoody.com/static/js/ 1 MB
328 KB 288ms
100ms Script
application/x-javascript 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

646f967526ed094a03c35ade4162d55a7fce1f4bfa97ae21b130d79d89134ddd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: W/"60ff9280-11c188"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31557600
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK main.7129f68c.chunk.js Show response
plus.ongoody.com/static/js/ 475 KB
129 KB 294ms
100ms Script
application/x-javascript 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/js/main.7129f68c.chunk.js

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

84a49cd0b8c53e9736b2264e1d6d68d34fd73a1a59e9ed66c61343554e04b8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:05 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: W/"60ff9280-76d6b"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Via: 1.1 vegur
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31557600
X-Xss-Protection: 1; mode=block

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/ 85 KB
23 KB 728ms
664ms Script
text/javascript 13.224.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/analytics.min.js
Requested by: Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-112-80.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a086b1fe27eb364d89b9057ea70029a6214ae0bf6c91a84d2aaf2820bfd3b880

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 09:03:06 GMT
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 27 Jul 2021 05:55:24 GMT
server: AmazonS3
etag: W/"1ae2f98eee7548ee0fa20ce16fab182e"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: Gw09nAVhjIaIEonFhBuReFiIYlvPnsJD
via: 1.1 a72068a5d77ecba7daccda339a668499.cloudfront.net (CloudFront)
cache-control: public, max-age=120
content-type: text/javascript; charset=utf-8
x-amz-cf-id: vF7B5ZZTiCWKS94AEMPr1i-NAMJgLpY_JETajMp3Q9vQBlc3TeMTTg==

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/ 837 B
1 KB 305ms
242ms XHR
application/json 13.224.112.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.112.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-112-80.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 511ba15615664f7c0e0d9da51037219c39b58b11b00e11558370b8d40f6d4c78

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 09:03:07 GMT
via: 1.1 eae0fbb8e97278d435febe844db04b08.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
content-length: 837
last-modified: Thu, 08 Jul 2021 04:28:27 GMT
server: AmazonS3
etag: "af3575145aed00ba90db9a2eecc1809f"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: TR5SBBD49AGRHDx7vx5rLf4l9l311O_M
access-control-allow-origin: *
cache-control: public, max-age=10800
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-amz-cf-id: I6Eu6T_aXRJ0M7oo7AXFXCNYDsowvQOwP9aojNOC1dWGP1xvU5SsLw==

POST
H2 200 m Show response
api.segment.io/v1/ 21 B
143 B 559ms
159ms XHR
application/json 54.200.110.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/m
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/analytics.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.200.110.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-200-110-219.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://plus.ongoody.com
date: Tue, 27 Jul 2021 09:03:06 GMT
content-length: 21
vary: Origin
content-type: application/json

GET
H2 200 v3 Show response
js.stripe.com/ 227 KB
62 KB 153ms
72ms Script
application/javascript 13.224.111.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-117.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

4e21877533c764faac02d6c6919a655139685ff9e49ebf0e9cfc94f888d31c8d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"e68b38b9c8ad007a7e24a3856d53907f"
age: 77
via: 1.1 520bc3f1e5131e67d2c8c98babd6f5a2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: 4T4D1B0YC3HQ4THW
x-amz-id-2: WSfX2xYjIMUbFe5im4gDh/sCIiJzzJYna1iQ9N5J/8+w18jQOFK1qIbkJkWqP+Ly6zfqpocKURU=
last-modified: Mon, 26 Jul 2021 22:40:55 GMT
server: AmazonS3
date: Tue, 27 Jul 2021 09:01:50 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MAD50-C1
timing-allow-origin: *
x-amz-cf-id: takY-_bM42tETo1FxIinfDXXiVtgTY5aBTggE2ninUy5Rm-9u9UTlw==

GET
H/1.1 200
OK loader.5b6600cf.svg
plus.ongoody.com/static/media/ 888 B
1 KB 95ms
94ms Image
image/svg+xml 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plus.ongoody.com/static/media/loader.5b6600cf.svg

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/signup

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

bbcaab77738a00bb26b14486a3ca05140a7e9445f6b4002a3910e91aa3902618

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:06 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: "60ff9280-378"
Strict-Transport-Security: max-age=31557600
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 888
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK csrf_token
api.ongoody.com/graphql_web/ 0
0 357ms
120ms Fetch
text/html 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web/csrf_token

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:06 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: db3fdcd1-01be-4fbb-8231-4df5eb52df89
X-Runtime: 0.021003
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: text/html
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: csrf-token
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Csrf-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==

GET
H2 200 m-outer-5564a2ae650989ada0dc7f7250ae34e9.html Show response
js.stripe.com/v3/ Frame 61D9 215 B
951 B 62ms
62ms Document
text/html 13.224.111.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-117.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: js.stripe.com
:scheme: https
:path: /v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://plus.ongoody.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://plus.ongoody.com/

Response headers

content-type: text/html; charset=utf-8
content-length: 215
x-amz-id-2: OXraxR+iC7iTO3sAmGV6kl0fnEoUGpmQ6LoEq2w2LoT1TPZSGNGWFwXM7TAORkGPrLYgO/J5obE=
x-amz-request-id: 0H6JBQGT28EWPG92
last-modified: Tue, 29 Jun 2021 17:25:38 GMT
accept-ranges: bytes
server: AmazonS3
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
access-control-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src https://m.stripe.network; img-src https://q.stripe.com; font-src 'none'; media-src 'none'; object-src 'none';
date: Tue, 27 Jul 2021 08:58:35 GMT
cache-control: public, max-age=300
etag: "5564a2ae650989ada0dc7f7250ae34e9"
x-cache: Hit from cloudfront
via: 1.1 520bc3f1e5131e67d2c8c98babd6f5a2.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: X_3lZltSRq5ntybp2x5nBayM1Eej_XxvfK5dsQL1N9jvn10Hv9Ffbg==
age: 272

GET
H2 200 m-outer-60c368c1e1eddba7bd149e4b4f5408df.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 61D9 1 KB
1 KB 75ms
75ms Script
application/javascript 13.224.111.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-117.mad50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://js.stripe.com/v3/m-outer-5564a2ae650989ada0dc7f7250ae34e9.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"78581b5abad6c4e7b59c0f8ee45a8134"
age: 32
via: 1.1 520bc3f1e5131e67d2c8c98babd6f5a2.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-request-id: F7SSDPQ41PJ49TKC
x-amz-id-2: aZtW5ulz5ORoQuxcanxgwwSVWSfwdry8gsPDVDno3xOYagPg3ojKPavRjIXygf/fntEeheic910=
last-modified: Tue, 29 Jun 2021 17:25:39 GMT
server: AmazonS3
date: Tue, 27 Jul 2021 09:02:36 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; script-src 'self'; style-src 'self' 'unsafe-inline'; frame-src 'self'; img-src 'self' https://q.stripe.com blob:; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MAD50-C1
timing-allow-origin: *
x-amz-cf-id: l7XCtJrs3oqsUYxT9IX71RAuIszh5lGzoBhO0Ayse9CsanJplm-zCw==

GET
H2 200 inner.html Show response
m.stripe.network/ Frame F6C3 932 B
1 KB 114ms
30ms Document
text/html 13.224.111.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-60c368c1e1eddba7bd149e4b4f5408df.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-86.mad50.r.cloudfront.net

Software

nginx /

Resource Hash

52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

:method: GET
:authority: m.stripe.network
:scheme: https
:path: /inner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://js.stripe.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js.stripe.com/

Response headers

content-type: text/html; charset=utf-8
server: nginx
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
content-encoding: gzip
date: Tue, 27 Jul 2021 09:00:53 GMT
cache-control: public, max-age=300
etag: W/"60cd118c-3a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 17a71b4bf5d35b398b0fd90a5cd154a7.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: Dgv4idEbO_4dnx5CYiODC66kuSNVMcmDBj9clFFUgfnRuWwUdYtRQg==
age: 134

OPTIONS
H/1.1 200
OK graphql_web
api.ongoody.com/ Frame 0
0 296ms
101ms Preflight 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ongoody.com/graphql_web
Protocol: HTTP/1.1
Server: 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-133-81.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-csrf-token
Origin: https://plus.ongoody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 27 Jul 2021 09:03:06 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Expose-Headers: user-id
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token
Transfer-Encoding: chunked
Via: 1.1 vegur

POST
H/1.1 200
OK graphql_web Show response
api.ongoody.com/ 24 KB
25 KB 185ms
185ms Fetch
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

95b0089f05e245511e0529c7b1b97a06c5200af631e825e74639bf3ec258291a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept: */*
Referer: https://plus.ongoody.com/
X-CSRF-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

User-Id
Date: Tue, 27 Jul 2021 09:03:06 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Accept, Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: 77ed9335-d49c-48b4-b84e-9d15465e697d
X-Runtime: 0.075993
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"95b0089f05e245511e0529c7b1b97a06"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: user-id
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true

GET
H2 200 out-4.5.35.js Show response
m.stripe.network/ Frame F6C3 85 KB
19 KB 33ms
33ms Script
application/x-javascript 13.224.111.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.35.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.111.86 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-111-86.mad50.r.cloudfront.net

Software

nginx /

Resource Hash

847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: gzip
etag: W/"60cd118c-153a9"
age: 260
x-cache: Hit from cloudfront
last-modified: Fri, 18 Jun 2021 21:35:08 GMT
server: nginx
date: Tue, 27 Jul 2021 08:58:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
via: 1.1 17a71b4bf5d35b398b0fd90a5cd154a7.cloudfront.net (CloudFront)
cache-control: public, max-age=300
content-security-policy: default-src 'self'; connect-src 'self' https://m.stripe.com; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src 'self' https://js.stripe.com; img-src 'self' https://m.stripe.com; font-src data: https:; media-src 'none'; object-src 'self';
x-amz-cf-pop: MAD50-C1
timing-allow-origin: *
x-amz-cf-id: GvFw04M8h89Ra-DQT6XNj-XAzcm_DZxWHkvNxwcnei28gHBvUl1MRA==

POST
H2 200 6 Show response
m.stripe.com/ Frame F6C3 156 B
519 B 483ms
161ms XHR
text/plain 52.40.185.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.35.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.40.185.72 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-40-185-72.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

9e94d779950c55183ea4bc381eac2f61b10e51fa4be0d925a2ca2d0999d4412f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Jul 2021 09:03:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: text/plain;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
strict-transport-security: max-age=31556926; includeSubDomains; preload
access-control-allow-headers: Content-Type

OPTIONS
H/1.1 200
OK graphql_web
api.ongoody.com/ Frame 0
0 100ms
100ms Preflight 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ongoody.com/graphql_web
Protocol: HTTP/1.1
Server: 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-133-81.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-csrf-token
Origin: https://plus.ongoody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 27 Jul 2021 09:03:07 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Expose-Headers: user-id
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token
Transfer-Encoding: chunked
Via: 1.1 vegur

OPTIONS
H/1.1 200
OK graphql_web
api.ongoody.com/ Frame 0
0 206ms
106ms Preflight 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ongoody.com/graphql_web
Protocol: HTTP/1.1
Server: 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-133-81.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-csrf-token
Origin: https://plus.ongoody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 27 Jul 2021 09:03:07 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Expose-Headers: user-id
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token
Transfer-Encoding: chunked
Via: 1.1 vegur

OPTIONS
H/1.1 200
OK graphql_web
api.ongoody.com/ Frame 0
0 281ms
94ms Preflight 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ongoody.com/graphql_web
Protocol: HTTP/1.1
Server: 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-133-81.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-csrf-token
Origin: https://plus.ongoody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 27 Jul 2021 09:03:08 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Expose-Headers: user-id
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token
Transfer-Encoding: chunked
Via: 1.1 vegur

OPTIONS
H/1.1 200
OK graphql_web
api.ongoody.com/ Frame 0
0 282ms
95ms Preflight 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ongoody.com/graphql_web
Protocol: HTTP/1.1
Server: 54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-237-133-81.compute-1.amazonaws.com
Software: Cowboy /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-csrf-token
Origin: https://plus.ongoody.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: Cowboy
Date: Tue, 27 Jul 2021 09:03:08 GMT
Connection: keep-alive
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Expose-Headers: user-id
Access-Control-Max-Age: 7200
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-csrf-token
Transfer-Encoding: chunked
Via: 1.1 vegur

GET
H/1.1 200
OK Graphik-Regular-Web.bc25d025.woff2
plus.ongoody.com/static/media/ 36 KB
36 KB 183ms
182ms Font
application/octet-stream 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/media/Graphik-Regular-Web.bc25d025.woff2

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/css/main.2137de12.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

9053198fa126ca12c6dcf107436d1fbd6846ad49db3842de70f2295dde7674e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://plus.ongoody.com
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://plus.ongoody.com/static/css/main.2137de12.chunk.css
Connection: keep-alive
Origin: https://plus.ongoody.com
Referer: https://plus.ongoody.com/static/css/main.2137de12.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: "60ff9280-8ead"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 36525
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK Graphik-Medium-Web.6a75ca7b.woff2
plus.ongoody.com/static/media/ 35 KB
35 KB 188ms
188ms Font
application/octet-stream 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://plus.ongoody.com/static/media/Graphik-Medium-Web.6a75ca7b.woff2

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/css/main.2137de12.chunk.css

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

609fc8138c6a5ef648ff7119d9a7b8b623a6e312d66faaf7e20691d05cddaf3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://plus.ongoody.com
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://plus.ongoody.com/static/css/main.2137de12.chunk.css
Connection: keep-alive
Origin: https://plus.ongoody.com
Referer: https://plus.ongoody.com/static/css/main.2137de12.chunk.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: "60ff9280-8aa1"
Strict-Transport-Security: max-age=31557600
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35489
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK plus-logo.a408e7b1.svg
plus.ongoody.com/static/media/ 12 KB
12 KB 100ms
100ms Image
image/svg+xml 54.91.59.199
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://plus.ongoody.com/static/media/plus-logo.a408e7b1.svg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.91.59.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-91-59-199.compute-1.amazonaws.com

Software

nginx /

Resource Hash

dca49d83f8d4e090213613190f48ef95fdb02b5f450abbb78e39f81272c798b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: plus.ongoody.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://plus.ongoody.com/signup
Connection: keep-alive
Referer: https://plus.ongoody.com/signup
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Last-Modified: Tue, 27 Jul 2021 04:58:40 GMT
Server: nginx
X-Frame-Options: DENY
Etag: "60ff9280-2ffc"
Strict-Transport-Security: max-age=31557600
Content-Type: image/svg+xml
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12284
X-Xss-Protection: 1; mode=block

POST
H/1.1 200
OK graphql_web Show response
api.ongoody.com/ 20 B
931 B 111ms
110ms Fetch
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept: */*
Referer: https://plus.ongoody.com/
X-CSRF-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

User-Id
Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Accept, Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: 1909124d-e9b2-4152-9e3d-c6204bb3229a
X-Runtime: 0.010694
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"88ecf92326f1ff8da3d81eb38e1a8452"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: user-id
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK graphql_web Show response
api.ongoody.com/ 16 KB
17 KB 267ms
263ms Fetch
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

09254a9c27c573e6921551b442975b362add58c0a55c2f4556608cdb5f542e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept: */*
Referer: https://plus.ongoody.com/
X-CSRF-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

User-Id
Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Accept, Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: 6a6d5303-1492-4e66-9f0e-eb92b8dd4168
X-Runtime: 0.160565
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"09254a9c27c573e6921551b442975b36"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: user-id
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK graphql_web Show response
api.ongoody.com/ 54 KB
55 KB 235ms
117ms Fetch
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

2b019657203ee04fdb80563e21b2e8c8504b3859ba7e926120201ee84eb71f07

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept: */*
Referer: https://plus.ongoody.com/
X-CSRF-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

User-Id
Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Accept, Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: 725f7a6b-0b2e-48f0-9cb2-d68636eca1e2
X-Runtime: 0.016883
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"2b019657203ee04fdb80563e21b2e8c8"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: user-id
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true

POST
H/1.1 200
OK graphql_web Show response
api.ongoody.com/ 20 B
931 B 292ms
104ms Fetch
application/json 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.ongoody.com/graphql_web

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

accept: */*
Referer: https://plus.ongoody.com/
X-CSRF-Token: AoxlC6NIOATEt9rWzwTpEftWHbggL+ea+DB9ShL1nRHfejhSh+kdFtOG2lKUNyBb5CERPKHl/n5hv69+8+bFDg==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/json

Response headers

User-Id
Date: Tue, 27 Jul 2021 09:03:07 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
Transfer-Encoding: chunked
X-Protected-By: Sqreen
Access-Control-Max-Age: 7200
Connection: keep-alive
Vary: Accept, Origin
X-Xss-Protection: 1;mode=block
X-Request-Id: 2ad05d3f-bfd8-4371-83b4-bb7bb4cd2a5d
X-Runtime: 0.007402
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"88ecf92326f1ff8da3d81eb38e1a8452"
X-Download-Options: noopen
Strict-Transport-Security: max-age=63072000; includeSubDomains
Access-Control-Allow-Methods: POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://plus.ongoody.com
Access-Control-Expose-Headers: user-id
Cache-Control: max-age=0, private, must-revalidate
Access-Control-Allow-Credentials: true

POST
H2 200 / Show response
o430500.ingest.sentry.io/api/5678397/envelope/ 41 B
286 B 82ms
8ms Fetch
application/json 34.120.195.249
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://o430500.ingest.sentry.io/api/5678397/envelope/?sentry_key=98c1c2446d1b4002ae37dff0826297db&sentry_version=7

Requested by

Host: plus.ongoody.com
URL: https://plus.ongoody.com/static/js/2.18510d2e.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7bb8a1a5b0101e4a218b80945324f7e64e4fef6649497ccbac359974e8378334

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://plus.ongoody.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Jul 2021 09:03:07 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://plus.ongoody.com
access-control-expose-headers: retry-after, x-sentry-rate-limits, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: clear
content-length: 41

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://cdn.segment.com/analytics.js/v1/aTjKs0AfTuQxydBelrr8p2w1m2HXkH5l/analytics.min.js(Line 1) Message: [analytics.js] Failed to load Analytics.js TypeError: Cannot read property 'getItem' of null

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ongoody.com
api.segment.io
cdn.segment.com
js.stripe.com
m.stripe.com
m.stripe.network
o430500.ingest.sentry.io
plus.ongoody.com
13.224.111.117
13.224.111.86
13.224.112.80
34.120.195.249
52.40.185.72
54.200.110.219
54.237.133.81
54.91.59.199
09254a9c27c573e6921551b442975b362add58c0a55c2f4556608cdb5f542e35
106f96c9d03948778c107be2d7634039b22b498abe62477ebf0e097cff41ea62
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
2b019657203ee04fdb80563e21b2e8c8504b3859ba7e926120201ee84eb71f07
2f90c4b8fb3b8afbf228232c4afb00f5a1d0efab1c7f7ebf313d730d3cd050f3
4e21877533c764faac02d6c6919a655139685ff9e49ebf0e9cfc94f888d31c8d
511ba15615664f7c0e0d9da51037219c39b58b11b00e11558370b8d40f6d4c78
52fb9ace8bb7e59f6fc283763ce819175a60e566d7248f5de82b4d00d6b14c7d
609fc8138c6a5ef648ff7119d9a7b8b623a6e312d66faaf7e20691d05cddaf3e
646f967526ed094a03c35ade4162d55a7fce1f4bfa97ae21b130d79d89134ddd
691b9a514dcd9541c4d3fa26dc23c391eaf00535415d84f9cda5f910fe721840
72d6d91b159bb0a28b1014e9c48c3f99ab16c51a6b43e4d079862527d775f050
7bb8a1a5b0101e4a218b80945324f7e64e4fef6649497ccbac359974e8378334
847a624eddae67f7b34622fa6e6329228d5ce6dbd5ccb13f993969a63f53b6bb
84a49cd0b8c53e9736b2264e1d6d68d34fd73a1a59e9ed66c61343554e04b8c9
88ecf92326f1ff8da3d81eb38e1a84528de5661b7ec30b895ba82c43118380af
9053198fa126ca12c6dcf107436d1fbd6846ad49db3842de70f2295dde7674e8
95b0089f05e245511e0529c7b1b97a06c5200af631e825e74639bf3ec258291a
9e94d779950c55183ea4bc381eac2f61b10e51fa4be0d925a2ca2d0999d4412f
a086b1fe27eb364d89b9057ea70029a6214ae0bf6c91a84d2aaf2820bfd3b880
bbcaab77738a00bb26b14486a3ca05140a7e9445f6b4002a3910e91aa3902618
dca49d83f8d4e090213613190f48ef95fdb02b5f450abbb78e39f81272c798b0
dfe3334dfc486436896cfe50bab142b9dfca66ab1b607af1dc31fccba0ec7b3d

plus.ongoody.com Open in urlscan Pro 54.91.59.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

0 %IPv6

6 Domains

8 Subdomains

8 IPs

1 Countries

764 kBTransfer

2229 kBSize

0 Cookies

3 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

plus.ongoody.com Open in urlscan Pro
54.91.59.199 Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

8
Subdomains

8
IPs

1
Countries

764 kB
Transfer

2229 kB
Size

0
Cookies

30 HTTP transactions
0 data transactions