urlscan.io logo urlscan.io
SecurityTrails logo

onboarding.gobetterfly.com Open in urlscan Pro
13.225.80.57  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://url5419.betterfly.cl/ls/click?upn=-2FH68qFmklRJdabZOg-2BDIqby2RVUlPou8IK3hQQVU3jPUikCpeBR42FKK-2FUm501rUDSaVdYjGkTNNc...
Effective URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Submission: On January 13 via manual from SE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 16 domains to perform 54 HTTP transactions. The main IP is 13.225.80.57, located in United States and belongs to AMAZON-02, US. The main domain is onboarding.gobetterfly.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 1st 2021. Valid for: a year.
This is the only time onboarding.gobetterfly.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    167.89.123.124 (Chicago, United States)

ASN11377 (SENDGRID, US)
PTR: o16789123x124.outbound-mail.sendgrid.net
url5419.betterfly.cl
12    13.225.80.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-57.fra2.r.cloudfront.net
onboarding.gobetterfly.com
2    13.225.79.159 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-79-159.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4019:80c::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
analytics.google.com
3    2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.225.80.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-113.fra2.r.cloudfront.net
static.hotjar.com
2    13.224.193.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-56.fra2.r.cloudfront.net
api.betterfly.cl
2    20.51.76.10 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
rum.browser-intake-us3-datadoghq.com
1    13.32.22.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-22-49.fra56.r.cloudfront.net
script.hotjar.com
1    143.204.215.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-26.fra53.r.cloudfront.net
vars.hotjar.com
1    52.30.228.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-228-41.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    13.225.80.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-115.fra2.r.cloudfront.net
vc.hotjar.io
1    54.220.174.100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-174-100.eu-west-1.compute.amazonaws.com
ws28.hotjar.com
2    2a00:1450:4019:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    23.111.9.57 (United States)

ASN33438 (HIGHWINDS2, US)
twemoji.maxcdn.com
1    35.186.241.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.241.186.35.bc.googleusercontent.com
api-js.mixpanel.com
Apex Domain
Subdomains		 Transfer
12 gobetterfly.com
onboarding.gobetterfly.com
641 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
336 KB
6 google.com
www.google.com — Cisco Umbrella Rank: 8
analytics.google.com — Cisco Umbrella Rank: 971
37 KB
5 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 573
script.hotjar.com — Cisco Umbrella Rank: 719
vars.hotjar.com — Cisco Umbrella Rank: 857
in.hotjar.com — Cisco Umbrella Rank: 1592
ws28.hotjar.com — Cisco Umbrella Rank: 67855
66 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
167 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
421 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
58 KB
3 betterfly.cl
url5419.betterfly.cl
api.betterfly.cl
2 KB
2 browser-intake-us3-datadoghq.com
rum.browser-intake-us3-datadoghq.com
233 B
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 88
386 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
114 KB
2 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 3331
33 KB
1 mixpanel.com
api-js.mixpanel.com — Cisco Umbrella Rank: 1907
410 B
1 maxcdn.com
twemoji.maxcdn.com — Cisco Umbrella Rank: 8499
727 B
1 hotjar.io
vc.hotjar.io — Cisco Umbrella Rank: 2046
256 B
0 google.de Failed
www.google.de Failed
54 16
Domain Requested by
12 onboarding.gobetterfly.com onboarding.gobetterfly.com
www.datadoghq-browser-agent.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com onboarding.gobetterfly.com
www.gstatic.com
www.google.com
4 www.googletagmanager.com onboarding.gobetterfly.com
www.googletagmanager.com
3 stats.g.doubleclick.net www.googletagmanager.com
www.datadoghq-browser-agent.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.datadoghq-browser-agent.com
2 fonts.gstatic.com www.google.com
2 rum.browser-intake-us3-datadoghq.com www.datadoghq-browser-agent.com
2 api.betterfly.cl www.datadoghq-browser-agent.com
2 www.facebook.com onboarding.gobetterfly.com
2 analytics.google.com www.googletagmanager.com
2 connect.facebook.net onboarding.gobetterfly.com
connect.facebook.net
2 www.datadoghq-browser-agent.com onboarding.gobetterfly.com
1 api-js.mixpanel.com www.datadoghq-browser-agent.com
1 twemoji.maxcdn.com
1 ws28.hotjar.com www.datadoghq-browser-agent.com
1 vc.hotjar.io www.datadoghq-browser-agent.com
1 in.hotjar.com www.datadoghq-browser-agent.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 static.hotjar.com onboarding.gobetterfly.com
1 url5419.betterfly.cl 1 redirects
0 www.google.de Failed onboarding.gobetterfly.com
54 23

This site contains links to these domains. Also see Links.

Domain
airtable.com
Subject Issuer Validity Valid
*.gobetterfly.com
Go Daddy Secure Certificate Authority - G2		 2021-07-01 -
2022-07-01		 a year crt.sh
*.datadoghq-browser-agent.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-17 -
2022-03-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-22 -
2022-01-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-12-08 -
2022-03-02		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.hotjar.com
Amazon		 2021-11-25 -
2022-12-23		 a year crt.sh
*.betterfly.cl
Amazon		 2021-10-24 -
2022-11-22		 a year crt.sh
*.browser-intake-us3-datadoghq.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-12 -
2023-01-11		 a year crt.sh
*.hotjar.io
Amazon		 2021-08-17 -
2022-09-15		 a year crt.sh
twemoji.maxcdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-10-13 -
2022-11-09		 a year crt.sh
*.mixpanel.com
GeoTrust RSA CA 2018		 2020-04-20 -
2022-04-21		 2 years crt.sh

This page contains 3 frames:

Primary Page: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Frame ID: D551F63094EF420307E95120927EB3F1
Requests: 44 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Frame ID: BCC40D6EEE086E58D72B52B5E7891A86
Requests: 8 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Frame ID: E40DF364F88170C0ADCA7041C44A68F5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Betterfly

Page URL History Show full URLs

  1. http://url5419.betterfly.cl/ls/click?upn=-2FH68qFmklRJdabZOg-2BDIqby2RVUlPou8IK3hQQVU3jPUikCpeBR42FKK-2F... HTTP 302
    https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

54
Requests

96 %
HTTPS

41 %
IPv6

16
Domains

23
Subdomains

22
IPs

4
Countries

1456 kB
Transfer

3713 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://url5419.betterfly.cl/ls/click?upn=-2FH68qFmklRJdabZOg-2BDIqby2RVUlPou8IK3hQQVU3jPUikCpeBR42FKK-2FUm501rUDSaVdYjGkTNNcFfWc-2FeubC3b-2FAUCduz9nSFHMHMJ6d-2BjKam0HbnL9rHzmyd1OROg7QX4jfte6nzDyE2TtMRnvGw72GVwsV40-2BU3U2YFZDBHHxh0PQzY5-2BFjXoCUnsVYHRA0f_uAGIKxVHnzoGVmPcnUwHmaF0UbWfyunIOuTQWEBjh9JbhBmBqu0BOOBQ0zRcUN87V6EQGPY51VTeX6SgZGSmPm65vzJBtD7FEuEauZi78FdpklaVGqgn3QSRjkWAYMVbXgSDAv2P-2BSki-2BUPTXyuAqCd0e1gDPsqzEyCghier9aJgLB35-2FxTdHiIwLdhNlD9b7-2FwRHf9mHU6qKjI4W4pqsFzWRZnCKAz3P-2FEwiMhUs2A0t38s0SJA-2FtfctC8LJSZdmQwUsHkfML3oN3kztyu85EtnQ6HSo5xsfBs7YXoF8OMO86oohF17j7uvsCi1Ra0JG8ea7NfK-2BXUiGOx8SJ09j0gUm1rFBRiX2cxPGFDw2Cx0Nn0A9VlP84smJWubcdNEw8SQKvn6JLrWCKwj27Rr-2FXvqDAEGpvEYaFYsGJv-2Bcp8tmIJVxbP1GYiVvM6QRkwJkc0dCmrfznwSROiNx4y6yA3zpQecFj19fLQQ3pr1u5-2FoEBNZDxBxETt8TMpY8XQrPPb4u2tQUF0FyUcNkQ2dWrrhf6uydbiYwJgzE5kU8Ls-3D HTTP 302
    https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
onboarding.gobetterfly.com/
Redirect Chain
  • http://url5419.betterfly.cl/ls/click?upn=-2FH68qFmklRJdabZOg-2BDIqby2RVUlPou8IK3hQQVU3jPUikCpeBR42FKK-2FUm501rUDSaVdYjGkTNNcFfWc-2FeubC3b-2FAUCduz9nSFHMHMJ6d-2BjKam0HbnL9rHzmyd1OROg7QX4jfte6nzDyE2T...
  • https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37a916367a0583bf85c5a8d1754981e5d180dd5debd01986decd92005c965e8b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

content-type
text/html
last-modified
Wed, 01 Dec 2021 18:54:19 GMT
x-amz-version-id
0Cy2RAodrZQpPq40q_vjqOpDr7hSHceb
server
AmazonS3
country-name
China
country-region
GD
country-region-name
Guangdong
content-encoding
gzip
date
Wed, 12 Jan 2022 18:24:15 GMT
etag
W/"d9204945364010d40057ce2a793ad922"
vary
Accept-Encoding
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
age
76249
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
C3LEkH14F8Sq2ua7xVmL6Y7A-ygfrsvpKBXP2Cd4ukC1VP11VahtJw==

Redirect headers

Server
nginx
Date
Thu, 13 Jan 2022 15:35:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
165
Connection
keep-alive
Location
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
X-Robots-Tag
noindex, nofollow
datadog-rum.js
www.datadoghq-browser-agent.com/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-rum.js
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:34:57 GMT
content-encoding
br
last-modified
Mon, 19 Jul 2021 12:21:08 GMT
server
AmazonS3
age
7
etag
W/"6f16bc452a225d7da116aa4c430872f8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
73W11WfaN1oIPBIMvdxeMBMRTNakEucAx5Uzwr8Wr9VC2otL5OwTJA==
datadog-logs.js
www.datadoghq-browser-agent.com/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs.js
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.79.159 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-79-159.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:34:32 GMT
content-encoding
br
last-modified
Tue, 27 Jul 2021 15:01:20 GMT
server
AmazonS3
age
69
etag
W/"9eb57181f3149e3310d96317ef9188ac"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
cache-control
max-age=14400, s-maxage=60
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
06wteHQSopPZcEcqyMTbAGRTRfVtK_EYQ0OH_3tDzKMh8KPFTiGHvQ==
main.2d314229.js
onboarding.gobetterfly.com/static/js/ 		1 MB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/static/js/main.2d314229.js
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47a92ab625c2b635df00049ed89ec1b23db119633e5b8db03e70b91bd7efa1e9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 11:12:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
15782
country-region-name
Rio de Janeiro
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:20 GMT
server
AmazonS3
country-region
RJ
country-name
Brazil
x-frame-options
DENY
etag
W/"ff51c9e6f5e69580ec7c0b3c0c380d51"
vary
Accept-Encoding
x-amz-version-id
GNhQFjgU5DQQ6C9gH65.DU635rmW5Mc_
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
content-type
application/x-javascript
x-amz-cf-id
Ex_CeV4nVHggex0Gr7uit0h0Pd37xD4Nt3GBkZrVYcDNdkHYV2QeMw==
main.d925ae95.css
onboarding.gobetterfly.com/static/css/ 		96 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb54d118f7577cc33392db14a71838756a9f69496d440c35765b3f695f52a175
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 12:22:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
11563
country-region-name
Santiago Metropolitan
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:22 GMT
server
AmazonS3
country-region
RM
country-name
Chile
x-frame-options
DENY
etag
W/"a06ccdf42d24782b628ee2c454ebf923"
vary
Accept-Encoding
x-amz-version-id
oDFxF_A8hhiUHa7TNXYttplzZUEzz9ez
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
content-type
text/css
x-amz-cf-id
eWCaoMVhYCcqA-qLTBmIFvhoRxmsmuC7RR3RBwtYc-edMri6NiSvHg==
gtm.js
www.googletagmanager.com/ 		132 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NC6WC3B
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
52595d13c7ea9b701434e612e1dbad8254739463063de67af96c1adf545c2d34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46739
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Jan 2022 15:35:04 GMT
logo_Betterfly.2b0929de6cbc85c492829ef3a0d169cf.svg
onboarding.gobetterfly.com/static/media/ 		17 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.gobetterfly.com/static/media/logo_Betterfly.2b0929de6cbc85c492829ef3a0d169cf.svg
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a70625f37bb1f8c6bf0d4b4bc86c52a421b91245fcfdf4067b1b005173b64ac2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 10:42:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
17568
country-region-name
Madrid
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:21 GMT
server
AmazonS3
country-region
MD
country-name
Spain
x-frame-options
DENY
etag
W/"a998ca5d09824217d8ef4a05aec83174"
vary
Accept-Encoding
x-amz-version-id
Svu3vVhoZs.vC1OAzeuB3240caEi3UTo
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
content-type
image/svg+xml
x-amz-cf-id
ynGiLnu8uHnlUgFRzWwh8kCPS2oDXpjNq6FsbWW0gf7cgEk3mkWNDw==
en.json
onboarding.gobetterfly.com/locales/ 		17 KB
7 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/locales/en.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1f5f43b2574ff0adf1a18e49b6c216d7048cde36b6adc54b4a30ee31f9991e99
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
rmF5RLSEqNlrJrxX1SF7peLx6PE16Uk0
content-encoding
gzip
etag
W/"803093903e9a5d2557d01d9e8ee465d4"
age
12912
country-region-name
Region del Biobio
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:19 GMT
server
AmazonS3
country-region
BI
country-name
Chile
x-frame-options
DENY
date
Thu, 13 Jan 2022 12:22:24 GMT
vary
Accept-Encoding
content-type
application/json
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
SeYzj7K3XbjvpZcA--Ic_dX7Y94oIuW9Wou4O8qhM3JMSSaFjSTr9g==
x-content-type-options
nosniff
api.js
www.google.com/recaptcha/ 		884 B
999 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/static/js/main.2d314229.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
dfe19f6619cf6af432d75e3b88fe7939d9cf3732fdf9ed1b7a629cb94f598143
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
586
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:35:04 GMT
en-US.json
onboarding.gobetterfly.com/locales/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/locales/en-US.json
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37a916367a0583bf85c5a8d1754981e5d180dd5debd01986decd92005c965e8b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
0Cy2RAodrZQpPq40q_vjqOpDr7hSHceb
content-encoding
gzip
etag
W/"d9204945364010d40057ce2a793ad922"
age
76250
country-region-name
Guangdong
x-cache
Error from cloudfront
last-modified
Wed, 01 Dec 2021 18:54:19 GMT
server
AmazonS3
country-region
GD
country-name
China
date
Wed, 12 Jan 2022 18:24:15 GMT
vary
Accept-Encoding
content-type
text/html
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
RoFPJQw6_nCqIeU6-gPJku0tGEtIAZtlX3YAvbCdmbwTolEURNp2Ig==
js
www.googletagmanager.com/gtag/ 		163 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-CGD8K793Q0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC6WC3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc4e186033249e2d8a22b9b5e0c59d6b49071c4d6ccb79afe4cd620fb8c6784a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61919
x-xss-protection
0
expires
Thu, 13 Jan 2022 15:35:04 GMT
js
www.googletagmanager.com/gtag/ 		164 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-WG2C5D4SER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC6WC3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aa5f9d6bdd0e6b24f27748700fa623b67ffcc7e56284aad21599f317862bdb7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62092
x-xss-protection
0
expires
Thu, 13 Jan 2022 15:35:04 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NC6WC3B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
797
date
Thu, 13 Jan 2022 15:21:47 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 13 Jan 2022 17:21:47 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
jfiL8oUWQMeW6M1xpMePdlWxHPuh2iRPDDhW39DtLYscNW9xUfr9jqGTPtLh3VPge9mXVBD9cP894ZniwOUjUw==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 13 Jan 2022 15:35:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
260989578852010
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/260989578852010?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
47b5851eb43d70404edb99739724c3331a6329922bc150e1cc0c7763eddc6893
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
stG3LcF6tM+Mskpt2Y5M2r/lK//Km8dyMDCOaDf3t01OdhP40iEpkJNwhcZ48Hp3wowqMgWkm0G2ofKcJGC4WQ==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 13 Jan 2022 15:35:04 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ 		352 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://onboarding.gobetterfly.com/
Origin
https://onboarding.gobetterfly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142561
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jan 2023 15:19:03 GMT
collect
analytics.google.com/g/ 		0
354 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-CGD8K793Q0&gtm=2oe1a0&_p=513359186&sr=1600x1200&_gaz=1&ul=en-us&cid=461747869.1642088105&_s=1&dl=https%3A%2F%2Fonboarding.gobetterfly.com%2F%3Futm_medium%3Demail%26utm_source%3Dbetterfly%26utm_campaign%3Dtransactional-comms%26utm_content%3Dprimary_cta&dt=home&sid=1642088104&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.page_path=%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGD8K793Q0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
345 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-CGD8K793Q0&cid=461747869.1642088105&gtm=2oe1a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CGD8K793Q0&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-WG2C5D4SER&gtm=2oe1a0&_p=513359186&sr=1600x1200&_gaz=1&ul=en-us&cid=461747869.1642088105&_s=1&dl=https%3A%2F%2Fonboarding.gobetterfly.com%2F%3Futm_medium%3Demail%26utm_source%3Dbetterfly%26utm_campaign%3Dtransactional-comms%26utm_content%3Dprimary_cta&dt=home&sid=1642088104&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.page_path=%2F
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG2C5D4SER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-WG2C5D4SER&cid=461747869.1642088105&gtm=2oe1a0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-WG2C5D4SER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		0
0
ga-audiences
www.google.de/ads/ 		0
0
/
www.facebook.com/tr/ 		44 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260989578852010&ev=PageView&dl=https%3A%2F%2Fonboarding.gobetterfly.com%2F%3Futm_medium%3Demail%26utm_source%3Dbetterfly%26utm_campaign%3Dtransactional-comms%26utm_content%3Dprimary_cta&rl=&if=false&ts=1642088104562&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642088104562.1334135346&it=1642088104421&coo=false&rqm=GET
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Thu, 13 Jan 2022 15:35:04 GMT
hotjar-2239473.js
static.hotjar.com/c/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-2239473.js?sv=6
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/static/js/main.2d314229.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-113.fra2.r.cloudfront.net
Software
/
Resource Hash
6888df1fe7a2bde73b481a4dac8c7c9042b3d84c6ab13b4e6692c18f00d39479
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/020aafbb06f807e08e597ed5a4189dfa
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cross-origin-resource-policy
cross-origin
x-amz-cf-id
z6DEnqUwEPOGdf32PwD3ThCOYGZ_8k38T0Qfe1U6JpO_SoxcWuzdwA==
via
1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
background_girl.bd6bdba888ae72a6e1b0.jpeg
onboarding.gobetterfly.com/static/media/ 		241 KB
243 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.gobetterfly.com/static/media/background_girl.bd6bdba888ae72a6e1b0.jpeg
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a71427ca495689f9be81f589589adc05ef20102d3a589c5557a9785d68af75c9
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 10:42:17 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
17568
country-region-name
Madrid
x-cache
Hit from cloudfront
content-length
246904
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:22 GMT
server
AmazonS3
country-region
MD
country-name
Spain
x-frame-options
DENY
etag
"9798e25abf289f648e033c891ee38961"
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-amz-version-id
7HeKj5tn3dpgcqs4kgBRF03Pzuwf8O1A
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/jpeg
x-amz-cf-id
IYk9ueWq4toLBkZcWW5cicJyc9eGoCN52Q8oF0bKXTdB578cG1WLWA==
background_mobile.2b9b2edee7a32fb2ac8d36a84b875bde.svg
onboarding.gobetterfly.com/static/media/ 		492 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onboarding.gobetterfly.com/static/media/background_mobile.2b9b2edee7a32fb2ac8d36a84b875bde.svg
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c1283d10e2daf8fc3ca06591583fca69ae60e3484b0acc227a69bd114d68fa8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
zRSjO6brNYn02NkwbKlwEDTdz0zIX2mw
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
12073
country-region-name
Jiangsu
x-cache
Hit from cloudfront
content-length
492
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:21 GMT
server
AmazonS3
country-region
JS
country-name
China
x-frame-options
DENY
date
Thu, 13 Jan 2022 12:13:52 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-type
image/svg+xml
etag
"5a6fb4d187e44333316c531a12a2d9b7"
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
HeJqrGDLqv27C-S33yRcTQnNWXAbivlENLsgxTnWxjJRPWnnq0N1rQ==
/
api.betterfly.cl/front_ws/call/ 		8 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.betterfly.cl/front_ws/call/
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
/
Resource Hash
237315387a52ef0c86db400e5857c001f0af028fede7b4d35284bd229f5d36b9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept
application/json, text/plain, */*
Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 13 Jan 2022 15:35:06 GMT
content-encoding
br
vary
Accept-Encoding, Authorization, Origin, Accept-Language, Cookie
x-amz-cf-pop
FRA2-C1
x-frame-options
SAMEORIGIN
x-cache
Miss from cloudfront
content-language
en
access-control-allow-origin
*
content-type
application/json
x-amz-cf-id
pzVJScsnOfm7_WQNVMlI97lKNoXcPfn05ZDqwmzm_d4-akAsGET_xw==
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
/
api.betterfly.cl/front_ws/call/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.betterfly.cl/front_ws/call/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-56.fra2.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://onboarding.gobetterfly.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
text/html; charset=utf-8
content-length
0
date
Thu, 13 Jan 2022 15:35:05 GMT
vary
Origin, Accept-Language, Cookie
access-control-allow-origin
*
access-control-allow-headers
accept, accept-encoding, authorization, content-type, dnt, origin, user-agent, x-csrftoken, x-requested-with
access-control-allow-methods
DELETE, GET, OPTIONS, PATCH, POST, PUT
access-control-max-age
86400
content-language
en
x-cache
Miss from cloudfront
via
1.1 eab88762658052b4a1e386f8521a38ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
frg6vWjhAxvqd9kT0HfOEHI6NUWAI8_B16-zh3Sc749VaSZPdby6Tg==
LatoBold.a642f52182424b9715c4.woff2
onboarding.gobetterfly.com/static/media/ 		20 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/static/media/LatoBold.a642f52182424b9715c4.woff2
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9a50072d17be4cd0744ec5470c503d2d1638e993c7e351a6b66817fd46445bea
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Origin
https://onboarding.gobetterfly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
ea6dOXh.EF1qz_I.7tYAfBsZJou2958N
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
country-region-name
Santiago Metropolitan
age
17568
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
20524
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:20 GMT
server
AmazonS3
country-region
RM
country-name
Chile
x-frame-options
DENY
date
Thu, 13 Jan 2022 10:42:17 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST
content-type
application/octet-stream
access-control-allow-origin
https://onboarding.gobetterfly.com
access-control-allow-credentials
true
etag
"1ea279d01a288c072e2fc63f24dc4dc3"
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
pfgUGY7bcs1BMqhd60CsM5vg-CSKjhfCZJ63AdP5FlJGRZ8QY257kA==
LatoRegular.409a6b679ab6f70dd7a2.woff2
onboarding.gobetterfly.com/static/media/ 		20 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/static/media/LatoRegular.409a6b679ab6f70dd7a2.woff2
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c53e8d71521a9116032817dc395ae2de8c57255b9c10b74b6e9881d0e3464e8
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Origin
https://onboarding.gobetterfly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
70GvX7JGq1Nhz5yo760ipN2sTJpwu1iP
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
country-region-name
Region del Biobio
age
17699
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
20304
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:22 GMT
server
AmazonS3
country-region
BI
country-name
Chile
x-frame-options
DENY
date
Thu, 13 Jan 2022 10:40:06 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST
content-type
application/octet-stream
access-control-allow-origin
https://onboarding.gobetterfly.com
access-control-allow-credentials
true
etag
"eb4d7a8908b64161591a9b01017e1637"
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
I526ioDcHfsbsLnqxbuLwdI6R7I52Bn3bXLC70_WmUSIMKM44NkYmQ==
LatoLight.f92c8d64840d2c1296ab.woff2
onboarding.gobetterfly.com/static/media/ 		19 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/static/media/LatoLight.f92c8d64840d2c1296ab.woff2
Requested by
Host: onboarding.gobetterfly.com
URL: https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
79826d167675ceb0f3f46b1ff3e275798fbac2274e29f4abcc40e6552b78e4f2
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://onboarding.gobetterfly.com/static/css/main.d925ae95.css
Origin
https://onboarding.gobetterfly.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 14:43:16 GMT
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
x-content-type-options
nosniff
country-region-name
Santiago Metropolitan
age
3109
x-cache
Hit from cloudfront
access-control-max-age
3000
content-length
19804
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:21 GMT
server
AmazonS3
country-region
RM
country-name
Chile
x-frame-options
DENY
etag
"5bd4d468461aaac124e566c75fb01c4d"
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST
x-amz-version-id
SJOy5QyR0fCpYe5nSc9Aw4YMZuzPsXlG
access-control-allow-origin
https://onboarding.gobetterfly.com
access-control-allow-credentials
true
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/octet-stream
x-amz-cf-id
bwnOm7UoxGq7FrbFNl9kS_ayCaXS5kvfJQu6823l-bXM6CxYlhlXQA==
pubb0a69b62bc694b7caaa39c487b9d471f
rum.browser-intake-us3-datadoghq.com/v1/input/ 		2 B
117 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-us3-datadoghq.com/v1/input/pubb0a69b62bc694b7caaa39c487b9d471f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aprod%2Cservice%3Aonboarding%2Cversion%3A1.0.5&batch_time=1642088104691
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.51.76.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Jan 2022 15:35:05 GMT
cross-origin-resource-policy
cross-origin
content-length
2
content-type
application/json
anchor
www.google.com/recaptcha/api2/ Frame BCC4 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
bb36981f8e67e4f95e55d622ce397820f5e2464f240c0f03c861ff40d1fdba62
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YeqIMW59tRWwMWmps2qaGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 13 Jan 2022 15:35:04 GMT
content-security-policy
script-src 'report-sample' 'nonce-YeqIMW59tRWwMWmps2qaGw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20196
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
modules.95d56a8fe70e88a7dcd9.js
script.hotjar.com/ 		229 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2239473.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.22.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-22-49.fra56.r.cloudfront.net
Software
/
Resource Hash
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 11 Jan 2022 13:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
181739
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
61466
access-control-allow-origin
*
last-modified
Tue, 11 Jan 2022 13:05:10 GMT
etag
"e2ccd91105747342ee4a8ed27f9e5793"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 756f5290bceb9f9b2ec963e0ab326968.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
ZeDaDUM7zORFVoJ4HvRQ4d2pcPODbTkYLQ-9tCyRAEUgE7cvll-B0g==
box-21ccaa45726c0f3c8c458f7a87eb2298.html
vars.hotjar.com/ Frame E40D 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-21ccaa45726c0f3c8c458f7a87eb2298.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-2239473.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.215.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-215-26.fra53.r.cloudfront.net
Software
/
Resource Hash
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/

Response headers

content-type
text/html
content-length
1044
date
Mon, 08 Nov 2021 14:05:19 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
etag
"6a4e2ae376c29011d2e53de65a08d0b7"
last-modified
Tue, 01 Jun 2021 09:17:15 GMT
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
fKOhgtUekXeDecCs-Lm53iw16Knpk5PQGdgtEyE6gdrrNmnUwZKYtg==
age
5707785
visit-data
in.hotjar.com/api/v2/client/sites/2239473/ 		146 B
321 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/2239473/visit-data?sv=6
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.228.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-228-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
2239473
vc.hotjar.io/sessions/ 		0
256 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vc.hotjar.io/sessions/2239473?s=0.25&r=0.24506789481581492
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-115.fra2.r.cloudfront.net
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:04 GMT
via
1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
server
Python/3.7 aiohttp/3.5.4
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
access-control-allow-origin
*
cache-control
no-store
x-amz-cf-id
ox3qLzDF7AXD-V9wpkB2t3klMO_4-dgsDnv0F1Q1M0ewx6t-3UdPIQ==
styles__ltr.css
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame BCC4 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:01:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2015
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24158
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jan 2023 15:01:29 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame BCC4 		352 KB
139 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:19:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
961
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
142561
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Jan 2023 15:19:03 GMT
js
www.google-analytics.com/gtm/ 		100 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=OPT-PCTJ4FP&t=gtm4&cid=461747869.1642088105
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aa5fee1bd32e1d56c4d92b1ecae773743b9bfc62908ec01c8d380c644f055e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39026
x-xss-protection
0
expires
Thu, 13 Jan 2022 15:35:05 GMT
content
ws28.hotjar.com/api/v2/sites/2239473/recordings/ 		66 B
393 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ws28.hotjar.com/api/v2/sites/2239473/recordings/content
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.220.174.100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-220-174-100.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c83f84a038bc0665a9050db810c335568c14ad4fb72afbde8470496b5e42e1fa

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

Date
Thu, 13 Jan 2022 15:35:05 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Max-Age
86400
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Transfer-Encoding
chunked
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame BCC4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 07:03:19 GMT
x-content-type-options
nosniff
age
549106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 14 Jan 2022 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BCC4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 16:22:02 GMT
x-content-type-options
nosniff
age
256383
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 10 Jan 2023 16:22:02 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame BCC4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4019:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 06 Jan 2022 22:50:40 GMT
x-content-type-options
nosniff
age
578665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Fri, 06 Jan 2023 22:50:40 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame BCC4 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:35:05 GMT
reload
www.google.com/recaptcha/api2/ Frame BCC4 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9025ecae4ca3f042efda85fa29bcbb9dd41e592b8c0bab6b58567011a840fb39
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcvvQAdAAAAAIOk2W1pJwTczNazSPYvPiznMUs3&co=aHR0cHM6Ly9vbmJvYXJkaW5nLmdvYmV0dGVyZmx5LmNvbTo0NDM.&hl=de&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=kk4dbkcao1zt
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Thu, 13 Jan 2022 15:35:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16573
x-xss-protection
1; mode=block
expires
Thu, 13 Jan 2022 15:35:05 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=513359186&t=pageview&_s=1&dl=https%3A%2F%2Fonboarding.gobetterfly.com%2F%3Futm_medium%3Demail%26utm_source%3Dbetterfly%26utm_campaign%3Dtransactional-comms%26utm_content%3Dprimary_cta&ul=en-us&de=UTF-8&dt=Betterfly&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAEADQAAAAC~&jid=1893566978&gjid=1974919689&cid=461747869.1642088105&tid=UA-126556369-8&_gid=435892183.1642088105&_r=1&gtm=2wg1a0NC6WC3B&z=1030926366
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4019:80c::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:05 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-PCTJ4FP&cv=89&t=ol&s=h1&h=1420&g=624&p=gtm&o=4000&l=1420&q=807&f=609&e=6&i=32&d=1251&c=-63&hc=0&sr=0.050000&ps=0.012479967707428097&cb=1461852338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Jan 2022 15:35:05 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126556369-8&cid=461747869.1642088105&jid=1893566978&gjid=1974919689&_gid=435892183.1642088105&_u=aCDAAEACQAAAAC~&z=806045290
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 13 Jan 2022 15:35:05 GMT
content-type
text/plain
access-control-allow-origin
https://onboarding.gobetterfly.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=260989578852010&ev=Microdata&dl=https%3A%2F%2Fonboarding.gobetterfly.com%2F%3Futm_medium%3Demail%26utm_source%3Dbetterfly%26utm_campaign%3Dtransactional-comms%26utm_content%3Dprimary_cta&rl=&if=false&ts=1642088106065&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Betterfly%22%2C%22meta%3Adescription%22%3A%22Transforma%20tus%20h%C3%A1bitos%20saludables%20en%20donaciones%20sociales.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642088104562.1334135346&it=1642088104421&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Thu, 13 Jan 2022 15:35:06 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Thu, 13 Jan 2022 15:35:06 GMT
/
onboarding.gobetterfly.com/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.80.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-80-57.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37a916367a0583bf85c5a8d1754981e5d180dd5debd01986decd92005c965e8b
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id
0Cy2RAodrZQpPq40q_vjqOpDr7hSHceb
content-encoding
gzip
etag
W/"d9204945364010d40057ce2a793ad922"
age
76252
country-region-name
Guangdong
x-cache
Hit from cloudfront
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 18:54:19 GMT
server
AmazonS3
country-region
GD
country-name
China
x-frame-options
DENY
date
Wed, 12 Jan 2022 18:24:15 GMT
vary
Accept-Encoding
content-type
text/html
via
1.1 edfd22ec6695cdc9d7ac634220af1314.cloudfront.net (CloudFront)
content-security-policy
block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
LJbceva9CUcdBZlKEMRsm2eu1HOsnfrm9GSlCBSPicJJXfZCtBRmsA==
x-content-type-options
nosniff
1f1e8-1f1f1.svg
twemoji.maxcdn.com/2/svg/ 		521 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://twemoji.maxcdn.com/2/svg/1f1e8-1f1f1.svg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.57 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ec23ee46eeb42a80108bc249a6bb2214ec44f150647466e57468ebf35e145dc3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://onboarding.gobetterfly.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-fastly-request-id
c42c26c8a621295752a096d142492b74dcd522c6
date
Thu, 13 Jan 2022 15:35:06 GMT
content-encoding
gzip
x-cache
HIT
powered-by
MaxCDN
last-modified
Tue, 01 Jun 2021 07:52:51 GMT
server
NetDNA-cache/2.2
x-github-request-id
DFFE:1F0A:39141E:3B284B:61DDFB40
etag
W/"60b5e753-209"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
permissions-policy
interest-cohort=()
x-origin-cache
HIT
x-proxy-cache
MISS
expires
Sat, 12 Feb 2022 15:35:06 GMT
/
api-js.mixpanel.com/track/ 		25 B
410 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-js.mixpanel.com/track/?verbose=1&ip=1&_=1642088109241
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.241.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
51.241.186.35.bc.googleusercontent.com
Software
envoy /
Resource Hash
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
Security Headers
Name Value
Strict-Transport-Security max-age=604800; includeSubDomains

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=604800; includeSubDomains
via
1.1 google
server
envoy
access-control-allow-headers
X-Requested-With
date
Thu, 13 Jan 2022 15:35:09 GMT
access-control-max-age
1728000
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://onboarding.gobetterfly.com
access-control-expose-headers
X-MP-CE-Backoff
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-envoy-upstream-service-time
30
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25
pubb0a69b62bc694b7caaa39c487b9d471f
rum.browser-intake-us3-datadoghq.com/v1/input/ 		2 B
116 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rum.browser-intake-us3-datadoghq.com/v1/input/pubb0a69b62bc694b7caaa39c487b9d471f?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cenv%3Aprod%2Cservice%3Aonboarding%2Cversion%3A1.0.5&batch_time=1642088109331
Requested by
Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.51.76.10 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://onboarding.gobetterfly.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Thu, 13 Jan 2022 15:35:09 GMT
cross-origin-resource-policy
cross-origin
content-length
2
content-type
application/json

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CGD8K793Q0&cid=461747869.1642088105&gtm=2oe1a0&aip=1&z=146433307
Domain
www.google.de
URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG2C5D4SER&cid=461747869.1642088105&gtm=2oe1a0&aip=1&z=1853123568

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| onsecuritypolicyviolation object| onslotchange object| dataLayer object| DD_RUM object| DD_LOGS number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| _ object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client function| onYouTubeIframeAPIReady object| gaGlobal function| hj object| _hjSettings string| _scriptPath object| recaptcha object| closure_lm_640329 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| gaplugins object| gaData object| google_optimize

16 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcMSmUMYpbCPhMKYJWm9k_3rmRXR4Dyp8Xpu-Sc8OMlxfGWyFCHqusux8R9TJDipBuMUE7y74mnJWRfOYCQ
onboarding.gobetterfly.com/ Name: _dd_s
Value: rum=1&id=dc2d4868-c9b5-418e-82d9-9f9c0a934321&created=1642088104171&expire=1642089004179&logs=1
.gobetterfly.com/ Name: mp_c14899a212b3b11d4246492ca750dade_mixpanel
Value: %7B%22distinct_id%22%3A%20%2217e5414013394c-07cd1b4e363733-f791b31-1d4c00-17e541401344ae%22%2C%22%24device_id%22%3A%20%2217e5414013394c-07cd1b4e363733-f791b31-1d4c00-17e541401344ae%22%2C%22utm_source%22%3A%20%22betterfly%22%2C%22utm_medium%22%3A%20%22email%22%2C%22utm_campaign%22%3A%20%22transactional-comms%22%2C%22utm_content%22%3A%20%22primary_cta%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%7D
.gobetterfly.com/ Name: _ga_CGD8K793Q0
Value: GS1.1.1642088104.1.0.1642088104.60
.gobetterfly.com/ Name: _ga_WG2C5D4SER
Value: GS1.1.1642088104.1.0.1642088104.60
.gobetterfly.com/ Name: _fbp
Value: fb.1.1642088104562.1334135346
.gobetterfly.com/ Name: _hjSessionUser_2239473
Value: eyJpZCI6ImI0NDAzMzU5LWIyMmMtNTI0Zi1hYmZiLWZlNDQxZTQ0NWViYiIsImNyZWF0ZWQiOjE2NDIwODgxMDQ3ODcsImV4aXN0aW5nIjpmYWxzZX0=
.gobetterfly.com/ Name: _hjFirstSeen
Value: 1
onboarding.gobetterfly.com/ Name: _hjIncludedInSessionSample
Value: 1
.gobetterfly.com/ Name: _hjSession_2239473
Value: eyJpZCI6IjEwY2I3ZGEwLWE4MTQtNDA0ZC05OWRiLTZmNGEwYzk2MzAzYiIsImNyZWF0ZWQiOjE2NDIwODgxMDQ4NDQsImluU2FtcGxlIjp0cnVlfQ==
onboarding.gobetterfly.com/ Name: _hjIncludedInPageviewSample
Value: 1
.gobetterfly.com/ Name: _hjAbsoluteSessionInProgress
Value: 1
.gobetterfly.com/ Name: _ga
Value: GA1.2.461747869.1642088105
.gobetterfly.com/ Name: _gid
Value: GA1.2.435892183.1642088105
.gobetterfly.com/ Name: _opt_utmc
Value: transactional-comms
.gobetterfly.com/ Name: _gat_UA-126556369-8
Value: 1

3 Console Messages

Source Level URL
Text
security error URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-CGD8K793Q0&cid=461747869.1642088105&gtm=2oe1a0&aip=1&z=146433307' because it violates the following Content Security Policy directive: "img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com".
security error URL: https://onboarding.gobetterfly.com/?utm_medium=email&utm_source=betterfly&utm_campaign=transactional-comms&utm_content=primary_cta
Message:
Refused to load the image 'https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-WG2C5D4SER&cid=461747869.1642088105&gtm=2oe1a0&aip=1&z=1853123568' because it violates the following Content Security Policy directive: "img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com".
security error URL: https://script.hotjar.com/modules.95d56a8fe70e88a7dcd9.js(Line 1)
Message:
Refused to connect to 'wss://ws28.hotjar.com/api/v2/client/ws' because it violates the following Content Security Policy directive: "connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; default-src 'none'; img-src 'self' https://www.google-analytics.com https://www.facebook.com https://twemoji.maxcdn.com https://www.googletagmanager.com https://analytics.google.com https://www.google.cl https://optimize.google.com https://script.hotjar.com; script-src 'self' https://www.gstatic.com https://www.google.com https://www.datadoghq-browser-agent.com https://www.googletagmanager.com https://static.hotjar.com https://script.hotjar.com https://www.google-analytics.com https://cdn.mxpnl.com https://connect.facebook.net https://www.googleanalytics.com https://optimize.google.com 'unsafe-inline'; style-src 'self' https://optimize.google.com https://fonts.googleapis.com 'unsafe-inline'; object-src 'none'; font-src 'self' https://fonts.gstatic.com https://script.hotjar.com data:; frame-ancestors 'self'; frame-src 'self' https://www.google.com https://cs201.salesforce.com https://vars.hotjar.com https://webto.salesforce.com https://optimize.google.com https://webto.salesforce.com; connect-src 'self' https://rum.browser-intake-us3-datadoghq.com https://logs.browser-intake-us3-datadoghq.com https://api.betterfly.cl/ https://api-js.mixpanel.com https://*.hotjar.com https://*.hotjar.io https://www.google-analytics.com https://stats.g.doubleclick.net https://analytics.google.com wss://ws6.hotjar.com; base-uri 'self'; form-action 'self' https://cs201.salesforce.com https://webto.salesforce.com; manifest-src 'self';
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api-js.mixpanel.com
api.betterfly.cl
connect.facebook.net
fonts.gstatic.com
in.hotjar.com
onboarding.gobetterfly.com
rum.browser-intake-us3-datadoghq.com
script.hotjar.com
static.hotjar.com
stats.g.doubleclick.net
twemoji.maxcdn.com
url5419.betterfly.cl
vars.hotjar.com
vc.hotjar.io
ws28.hotjar.com
www.datadoghq-browser-agent.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.google.de
13.224.193.56
13.225.79.159
13.225.80.113
13.225.80.115
13.225.80.57
13.32.22.49
143.204.215.26
167.89.123.124
20.51.76.10
23.111.9.57
2a00:1450:4001:811::2003
2a00:1450:4001:811::2008
2a00:1450:4001:82f::2004
2a00:1450:4001:831::200e
2a00:1450:400c:c06::9c
2a00:1450:4019:80b::2003
2a00:1450:4019:80c::200e
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
35.186.241.51
52.30.228.41
54.220.174.100
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1328fdb36a1c8ca148d68a0093772adbf73d4e3bd10698836366c558150b32bd
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1f5f43b2574ff0adf1a18e49b6c216d7048cde36b6adc54b4a30ee31f9991e99
237315387a52ef0c86db400e5857c001f0af028fede7b4d35284bd229f5d36b9
2aa5fee1bd32e1d56c4d92b1ecae773743b9bfc62908ec01c8d380c644f055e9
30886bcaa4bc9292431c9ae196c0b6bbcc4e4311b4839780c91a09c771c76c6e
37a916367a0583bf85c5a8d1754981e5d180dd5debd01986decd92005c965e8b
3c1283d10e2daf8fc3ca06591583fca69ae60e3484b0acc227a69bd114d68fa8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
47a92ab625c2b635df00049ed89ec1b23db119633e5b8db03e70b91bd7efa1e9
47b5851eb43d70404edb99739724c3331a6329922bc150e1cc0c7763eddc6893
4fd4f9c63843aebb667973c535aa77d95795ebb28635e01b62cf81dfb44aee32
52595d13c7ea9b701434e612e1dbad8254739463063de67af96c1adf545c2d34
54cc471e6d75456315e6685c7af0dcdee292fddb9c31d4b7b0c5f75eb668d35c
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5c53e8d71521a9116032817dc395ae2de8c57255b9c10b74b6e9881d0e3464e8
6888df1fe7a2bde73b481a4dac8c7c9042b3d84c6ab13b4e6692c18f00d39479
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
79826d167675ceb0f3f46b1ff3e275798fbac2274e29f4abcc40e6552b78e4f2
9025ecae4ca3f042efda85fa29bcbb9dd41e592b8c0bab6b58567011a840fb39
912bc848d461e328a48863196601323b69ed445926c856f23a426efe674e67eb
9a50072d17be4cd0744ec5470c503d2d1638e993c7e351a6b66817fd46445bea
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a70625f37bb1f8c6bf0d4b4bc86c52a421b91245fcfdf4067b1b005173b64ac2
a71427ca495689f9be81f589589adc05ef20102d3a589c5557a9785d68af75c9
aa5f9d6bdd0e6b24f27748700fa623b67ffcc7e56284aad21599f317862bdb7e
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
bb36981f8e67e4f95e55d622ce397820f5e2464f240c0f03c861ff40d1fdba62
c5da2e1eefbe4efd64ec18b775495cf3011d9ae03842917bfe1b0a50e03a7a44
c83f84a038bc0665a9050db810c335568c14ad4fb72afbde8470496b5e42e1fa
cbecd7098b07528fa43facb46bb3c5bda20951f7129c506f3d910fbe9ab9fd9c
cc4e186033249e2d8a22b9b5e0c59d6b49071c4d6ccb79afe4cd620fb8c6784a
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfe19f6619cf6af432d75e3b88fe7939d9cf3732fdf9ed1b7a629cb94f598143
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec23ee46eeb42a80108bc249a6bb2214ec44f150647466e57468ebf35e145dc3
fb54d118f7577cc33392db14a71838756a9f69496d440c35765b3f695f52a175