www.beingwelltogether.org Open in urlscan Pro
2606:4700:3036::ac43:a0e7  Public Scan

Submitted URL: http://info.beingwelltogether.org/NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2mxR-5lnxR5ZlWF0=
Effective URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1...
Submission: On May 25 via api from IE — Scanned from GB

Summary

This website contacted 19 IPs in 5 countries across 17 domains to perform 56 HTTP transactions. The main IP is 2606:4700:3036::ac43:a0e7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.beingwelltogether.org.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 24th 2021. Valid for: a year.
This is the only time www.beingwelltogether.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
20 beingwelltogether.org
info.beingwelltogether.org
www.beingwelltogether.org
573 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37
21 KB
7 marketo.com
app-lon03.marketo.com — Cisco Umbrella Rank: 372391
146 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 511
www.linkedin.com — Cisco Umbrella Rank: 616
px4.ads.linkedin.com — Cisco Umbrella Rank: 4745
4 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
395 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 91
53 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 7
1 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237
32 KB
1 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 3062
501 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92
452 B
1 t.co
t.co — Cisco Umbrella Rank: 495
337 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 534
354 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 638
14 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 939
3 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71
74 KB
1 postcodeanywhere.co.uk
services.postcodeanywhere.co.uk — Cisco Umbrella Rank: 27481
2 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
1 KB
56 17
Domain Requested by
19 www.beingwelltogether.org info.beingwelltogether.org
www.beingwelltogether.org
9 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.beingwelltogether.org
7 app-lon03.marketo.com www.beingwelltogether.org
app-lon03.marketo.com
3 fonts.gstatic.com fonts.googleapis.com
2 px.ads.linkedin.com 2 redirects
2 www.youtube.com www.googletagmanager.com
www.youtube.com
2 www.google.com www.beingwelltogether.org
2 cdnjs.cloudflare.com www.beingwelltogether.org
1 www.google.co.uk www.beingwelltogether.org
1 stats.g.doubleclick.net www.google-analytics.com
1 px4.ads.linkedin.com www.beingwelltogether.org
1 www.linkedin.com 1 redirects
1 t.co www.beingwelltogether.org
1 analytics.twitter.com www.beingwelltogether.org
1 static.ads-twitter.com www.googletagmanager.com
1 snap.licdn.com www.googletagmanager.com
1 www.googletagmanager.com www.beingwelltogether.org
1 www.gstatic.com www.google.com
1 services.postcodeanywhere.co.uk www.beingwelltogether.org
1 fonts.googleapis.com www.beingwelltogether.org
1 info.beingwelltogether.org
56 21
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-08-24 -
2022-08-23
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.postcodeanywhere.co.uk
Sectigo RSA Domain Validation Secure Server CA
2022-01-18 -
2023-01-18
a year crt.sh
www.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
app-lon03.marketo.com
Cloudflare Inc ECC CA-3
2022-05-10 -
2023-05-10
a year crt.sh
*.gstatic.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA
2022-03-01 -
2023-03-01
a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-21 -
2022-07-26
a year crt.sh
*.google.com
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1
2021-10-31 -
2022-10-30
a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1
2021-12-13 -
2022-12-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh
www.google.co.uk
GTS CA 1C3
2022-05-04 -
2022-07-27
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Frame ID: B3B51F08CBD6008925C4082746699F85
Requests: 54 HTTP requests in this frame

Frame: https://app-lon03.marketo.com/index.php/form/XDFrame
Frame ID: AE6000E5436285A14B1004FCC1028B45
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Financial Wellbeing - Please contact me | Being Well Together

Page URL History Show full URLs

  1. http://info.beingwelltogether.org/NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2... Page URL
  2. https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Overall confidence: 100%
Detected patterns
  • marketo\.\w+/js/forms(?:[\d.]+)/js/forms([\d.]+)\.min\.js

Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

56
Requests

96 %
HTTPS

65 %
IPv6

17
Domains

21
Subdomains

19
IPs

5
Countries

1317 kB
Transfer

2646 kB
Size

22
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://info.beingwelltogether.org/NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2mxR-5lnxR5ZlWF0= Page URL
  2. https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2578218%26time%3D1653473166015%26url%3Dhttps%253A%252F%252Fwww.beingwelltogether.org%252Fget-involved%252Ffinancial-wellbeing-cta-button%252F%253Fmkt_tok%253DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&liSync=true HTTP 302
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&liSync=true&e_ipv6=AQKnkJO9tCLEEAAAAYD6rkVE22EM-Y2WCJQ5uvE-7Gmw5bfuhw5uJHx1XUBAhGgCz2jfkGk

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2mxR-5lnxR5ZlWF0=
info.beingwelltogether.org/
567 B
983 B
Document
General
Full URL
http://info.beingwelltogether.org/NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2mxR-5lnxR5ZlWF0=
Protocol
HTTP/1.1
Server
95.138.158.240 , United Kingdom, ASN15395 (RACKSPACE-LON, GB),
Reverse DNS
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-A+L7xqzJR8aZBmjMWVb9/WDrE3iS/6zQ0nCamw8+nRU=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

Cache-Control
private, no-cache, no-store, max-age=0
Connection
close
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; img-src 'self';script-src 'self' 'sha256-A+L7xqzJR8aZBmjMWVb9/WDrE3iS/6zQ0nCamw8+nRU=';object-src 'none';form-action 'none';frame-src 'none'
Content-Type
text/html
Date
Wed, 25 May 2022 10:06:05 GMT
Referrer-Policy
strict-origin
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Frame-Options
SAMEORIGIN
Primary Request /
www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/
40 KB
8 KB
Document
General
Full URL
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Requested by
Host: info.beingwelltogether.org
URL: http://info.beingwelltogether.org/NjM4LVhFSC00ODcAAAGEmW8G_NwWckiR27Lyiw2iKuqaNS4m4E6Ui2PQIKo_VCQwoW7VO2l9NF-2mxR-5lnxR5ZlWF0=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d58e27cc22bc402225dc43986efaef510f72a5960c645f6e7cb546941d065edb

Request headers

Referer
http://info.beingwelltogether.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private
cf-cache-status
DYNAMIC
cf-ray
710d74d20c455476-LHR
content-encoding
br
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 10:06:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VfGplVh7KqcEwbvZ56tHFVxRRxtwFJQOKQzsGSdm%2F09fwBDn8B%2BzCf1%2FkOSBSPNQDgOyj%2FCt6ZyzxUU13W6pCqrgKVpGGn%2BX5wF2hg14KfgoiucU2%2B2eRWH9qkZt14AJLk%2B6vVOWFnkluEG4yO6qL0LkbMeG38Ch"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/
5 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans|Poppins:400,600
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cef1f2042c939f4afe4f85971f201e5588c94e60ef66e4cec9318aa7ca2d5741
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 25 May 2022 10:06:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 25 May 2022 10:06:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 May 2022 10:06:05 GMT
bwt.css
www.beingwelltogether.org/Assets/css/
338 KB
52 KB
Stylesheet
General
Full URL
https://www.beingwelltogether.org/Assets/css/bwt.css
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0c694cc82e76bcd4aa4315b527a793949c27393a9e020cf65ae1ed87d370a2d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKG7pagr%2FivYvCT5O%2FBHtJMccd7ZK0jrVqvcBZwzJrWj%2FYNNcgkxZQMaw7em5bgBlMNNzfmA8yn7Xy96jMc9VHRkpklIenRcZW3wl%2Bz1bC4Q2F6gxTUpIHz1HFYNSwZHTRyAhpLxM6BLrWDM4As1sz3N2hBcXsVD"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d2fe025476-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
address-3.40.min.css
services.postcodeanywhere.co.uk/css/
8 KB
2 KB
Stylesheet
General
Full URL
https://services.postcodeanywhere.co.uk/css/address-3.40.min.css
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.233.127 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
127.233.117.34.bc.googleusercontent.com
Software
nginx/1.20.2 /
Resource Hash
51101033cdc7329ffed942af014f90c54110aada6d7790841986beb3fd93ffef

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:05:40 GMT
via
1.1 google
server
nginx/1.20.2
age
25
content-type
text/css;charset=UTF-8
content-encoding
gzip
cache-control
public, max-age=60
x-robots-tag
noindex
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1995
modernizr.min.js
cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/
11 KB
5 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/modernizr/2.8.3/modernizr.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
3819395
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3980
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-2b4c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9BUCM%2FOIMeWHl8VLX43qYpiMMc4zvP36CnA9l%2F7U3Ss1ALNjZqasqkPHyg9xI7GZqto4QIV%2FiWaUjeL94FGBieYDGo1NJ1Ibe%2Bh7ZxB4N5PaLmw9rDqLtXAe5D4zN2T3S1UtopDGz2ecU%2FlMMsUM6U5N"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
710d74d36859e688-LHR
expires
Mon, 15 May 2023 10:06:05 GMT
api.js
www.google.com/recaptcha/
850 B
966 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Wed, 25 May 2022 10:06:05 GMT
being-well-together-logo-ukraine.jpg
www.beingwelltogether.org/media/8963/
231 KB
232 KB
Image
General
Full URL
https://www.beingwelltogether.org/media/8963/being-well-together-logo-ukraine.jpg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27bd861b19ebd6beeadfe1928b5ea02d9029291f884d0fa1fa3e7eef15e50f0a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
cf-cache-status
BYPASS
last-modified
Fri, 18 Mar 2022 13:47:30 GMT
server
cloudflare
etag
"6a1878b6ce3ad81:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p6waSMiQVf3iNhJ5rozW27Faiug%2FYnSw9YKAq0MNOc1s9foqLoGQWmSCLpU35jyZ3Gk3so7ot6%2BRsYZpDyOa5V2kJ6GeGiCol%2FdcYlfaM56w2jOdcdi6qTqXC1EUCmOCbVG2XfMMS9WbPanx0wlSm%2FOIeZwZey1d"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public,max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
710d74d41ff275db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
236477
forms2.min.js
app-lon03.marketo.com/js/forms2/js/
205 KB
68 KB
Script
General
Full URL
https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
age
6029
etag
"a02202-3326e-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
710d74d44b077470-LHR
vary
Accept-Encoding
expires
Wed, 25 May 2022 14:06:05 GMT
ftr-map.svg
www.beingwelltogether.org/media/1018/
94 KB
34 KB
Image
General
Full URL
https://www.beingwelltogether.org/media/1018/ftr-map.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b61cb7b73d1eb7283507fd8f0f9e164c13d61f3790ba02c4bc918f02c992d316

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Tue, 28 Mar 2017 10:56:50 GMT
server
cloudflare
etag
W/"05680b2a7d21:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHNt8KiUCi7sIJlM5cf1VgcTANcFtnNRhIloTgpiO9t9vHA4x9qwmbT9l5pQdvJYb9z6Yg5fPF0It4yquPOIIKE0RV9mXjBV7BGft1AJR6TCCQ1FGH%2FipNc%2BKoD92wFTnKNxNPT14EUeNvrmQWRXUeNFghkPFc%2BB"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41ff475db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
being-well-together-logo-white-rgb.png
www.beingwelltogether.org/media/7794/
121 KB
122 KB
Image
General
Full URL
https://www.beingwelltogether.org/media/7794/being-well-together-logo-white-rgb.png
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0447c74c3d101b8e76b1ab81fbb88f5a41996b2be7ba6d8d0a10b34efb60255f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
cf-cache-status
BYPASS
last-modified
Wed, 16 Sep 2020 15:04:42 GMT
server
cloudflare
etag
"0219ab43a8cd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J1UXWNl9G9vh%2B3NUgZq8JdihaaHCCRq8MJeQSII%2BE9lfH3yRXxsMfaL%2FCl95YAVgmpeROTFKHr5DnZqGAZF7UvRoNqE9YgLqfEgGziuSPi%2Fz%2B65VUQbybsVAZifpMzGR8TNDo6nrQfp1DGLFndVOtcifdtm1pe3y"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public,max-age=2592000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
710d74d41ff575db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
123471
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/
84 KB
27 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/2.2.0/jquery.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1762700
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26983
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-14e55"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=43k%2BicpxC4xV6mnpR72VNPNysE4fJXk42nW5nmMydr1%2FLBwBAlMHWW4SOzaEKPrKTF2YmEfnIsweOf8rjJiLqua1Kezu7BysnQNSYpAPOKuiOrj604NuT7FPRc8H5bhJf%2FYYIiL%2F7gkghYng2wMrSYcW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
710d74d40e5371ba-LHR
expires
Mon, 15 May 2023 10:06:05 GMT
jquery.validate.min.js
www.beingwelltogether.org/Assets/js/
23 KB
9 KB
Script
General
Full URL
https://www.beingwelltogether.org/Assets/js/jquery.validate.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tpW%2BhlS%2FPLWEQQgYw2NKrAJmj6h04KOUOIFzR5%2BxnC93QQUFM8LqJnYb27Boc8yAgz8M2O4RX7kIaZQqfG4h%2BE3mcMwH1kcsB4rdRdrWq34CDaYU7M1B7eBAt3VBAvfnb7V73vXctzJ1uJKJHhJm3qXknsvSoUsl"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41fe775db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.validate.unobtrusive.min.js
www.beingwelltogether.org/Assets/js/
6 KB
4 KB
Script
General
Full URL
https://www.beingwelltogether.org/Assets/js/jquery.validate.unobtrusive.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16504cdaf2303d0ce120a46fba4b8e5019ff658e6293e16efd1686606cf3e0d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:44 GMT
server
cloudflare
etag
W/"0809f70c6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yt%2FNt%2Bqpykj9axgIlmJNANEYXkWZdaPxZRlU%2B2Iu5QzgbamK0XBDcZ0vzVHxZKYgeJjBkKZixauIpTV10ZA9P2ewe4QF4zrbk6puU6bUHDI8K7dFXKz%2BC0fGd5bs9Ygj7k5piLS9PSSnwjwDz5I2NKj7C7ONpSxd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41fe875db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.unobtrusive-ajax.min.js
www.beingwelltogether.org/Assets/js/
4 KB
3 KB
Script
General
Full URL
https://www.beingwelltogether.org/Assets/js/jquery.unobtrusive-ajax.min.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6ad5a27603f75a791cac31650e628994529f4692654f074e6a365b006911bee

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZra45%2F4%2BcRCD7TuUyI6uQzk3IDgEJPLs4hLEVglICL5ln%2BnbVA6VchPjCqfABsR%2FQfojcUI7G%2FzHNNAYP3HhXeRX7X4a7HxknPx63h5kwfsacQaJTOSnS3ZTxGiW7ghlhFq7ETQtFh%2BDsvScYuerwHOJ6VXB%2FAn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41feb75db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
vendor.js
www.beingwelltogether.org/Assets/js/
204 KB
59 KB
Script
General
Full URL
https://www.beingwelltogether.org/Assets/js/vendor.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db08728a04972b8c3eeaffa7528fbeafc6fbc5af39d08e7628e1943fb0c6a9b0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:44 GMT
server
cloudflare
etag
W/"0809f70c6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2FPXBVkvNi%2Fk8AhVnccolRRR8FGOOw6mhFdbHt5EdPxcQ4IU6Vkt9Dn5uS6bS4ZGmEwWUEASSKLn9p3zeU0dVuhLg3pSfoVrgTzFb0FplxQB%2BkOhup2GRCVSQEwAa6HoLYuhTxIpwtCwUZYQAYPBvBqN%2BBN3mmL8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41fed75db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
app.js
www.beingwelltogether.org/Assets/js/
108 KB
29 KB
Script
General
Full URL
https://www.beingwelltogether.org/Assets/js/app.js
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d672340f65c5fe96aa4bab155ba3f08014d872cdc115bee3d19332a54586784

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BRexnvXXcapg6SI5wE99Rb%2F3tPCDOmCknsiSuJaB6TA7o549ycWaBkF5RrlYqRm3zANurDwt4KM3z7NX4ukFQpGsJdqsnYLYTRXGHunJ5GWKcgZkKUd6hKKUcpVgdE7GuutWS4Yw59JgSK5xUDx6UMKrQ2Ne4E1a"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d41fee75db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v29/
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v29/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Poppins:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.beingwelltogether.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Mon, 23 May 2022 11:57:13 GMT
x-content-type-options
nosniff
age
166132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16720
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 May 2023 11:57:13 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/
362 KB
362 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/M-QqaF9xk6BpjLH22uHZRhXt/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.beingwelltogether.org/
Origin
https://www.beingwelltogether.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 05:58:03 GMT
x-content-type-options
nosniff
age
14882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
370206
x-xss-protection
0
last-modified
Mon, 16 May 2022 04:03:20 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 25 May 2023 05:58:03 GMT
gtm.js
www.googletagmanager.com/
234 KB
74 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-KNNBBV8
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e753a034ec1f20e50bebbb78847c2c6fbb138f6bbd854216e57078b44c384200
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
75214
x-xss-protection
0
last-modified
Wed, 25 May 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 25 May 2022 10:06:05 GMT
icon-basket-blue.svg
www.beingwelltogether.org/Assets/img/icons/
643 B
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-basket-blue.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88499691ba96262432a4badc970121cf8e6e7617cb371851378991f89d55b2cf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbbTEXFam3n8QgDNUQUIr8mxIb022TIrG6Voh7ZpmVJqywb%2BWlpqOMEye2OUaXHD0XU9HrmbNIVCdTpM9opgc9q0CK0WGapMX%2FOh71xNLHMcck5cDdeZ8bU3HAQ2hDL%2BJsqqvFZOvf%2FoSxAj%2BVnqYBM6nJUHH7fy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d42fff75db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-search-blue.svg
www.beingwelltogether.org/Assets/img/icons/
1 KB
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-search-blue.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef7d2621cbb0ccbd1433ea27174dbe65a6f7024cf765005727996b86df174509

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81C5iavhcO0fnHQCANAHfdNO%2FIIVoWsS7r19M07ErHjpIan6C2D0iwuqKaaeqATOYgbOAqr7EpHysp4XnpcbOcfLxnBQOT2uzDy3WnaFunZbZJ5UbfsOW%2FvGJJGFWl42pC285zDMxiMG2uypfr0xXHJVMgrBXQWM"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4280475db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
red-ribbon.svg
www.beingwelltogether.org/Assets/img/svg/
546 B
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/svg/red-ribbon.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7235de4c362042455610b34f76b932bd75fd2a8418b2be7b73278fa2aa98874

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BvjwpQg6WktDKn290XUh81IG3c2vWeZfF8XZTkJDTFM2Uso2Rzhv0JP1QlTpkMpUgcjNrqI2SdsuZwJPaB0JuQLE%2BzE%2B3RcA1gkwdnO%2FKAH1ISMLAnGLtax4Q35wuhdVFYAmYtLCPyi493XZHS%2Fg9dzoJHEJQfF0"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4280775db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Poppins:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.beingwelltogether.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 21:23:03 GMT
x-content-type-options
nosniff
age
564182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 21:23:03 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Poppins:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.beingwelltogether.org
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 18 May 2022 19:24:53 GMT
x-content-type-options
nosniff
age
571272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 May 2023 19:24:53 GMT
getForm
app-lon03.marketo.com/index.php/form/
16 KB
4 KB
Script
General
Full URL
https://app-lon03.marketo.com/index.php/form/getForm?munchkinId=638-XEH-487&form=2947&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&callback=jQuery112404126954068048423_1653473165551&_=1653473165552
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08d980a0078833500164c11d121da467e86838848192c828ff01a15575352bbe
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
strict-transport-security
max-age=63113904
cf-ray
710d74d4ec087470-LHR
cached
false
ftr-stripes.svg
www.beingwelltogether.org/Assets/img/svg/
25 KB
6 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/svg/ftr-stripes.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a6986110b37fdabf6ec326fe199098afd95e5575ed7a78e37558bac56d89db

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFX%2B8dF0QtCGCtjIwdrpbt9LhorjnwGymKtG4hFJ8lgpldD3uP8unEwXSiWLeVXNtIqqTeRZB8pN50OfwtRnxwSHTa6hkxOiUEiOsT6yNJHjAseWzjoYRomVWrc6XLSBhRjx%2FDubx6cPVH%2Bh3ggAnEMfBtPLlzfj"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4f99375db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-facebook-white.svg
www.beingwelltogether.org/Assets/img/icons/
958 B
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-facebook-white.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0aa8601eaf3c4c074b03d3ccf49c4feaa79b398e9ece1db908ef6e1cc274be2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DXXMlYzuk87ROMMyv8KCiBPfi3qEBZg1KIakBPTZRE4AWg0EMHl9LIfQxh0YyvfDz0npNVq%2FPjzdcuYZkhJooWsLAHlhLFvn8P5jyecSdttH7y41vkGv96Rd2cerq98uk3MHDWB72cVEg5xCIAE2l4IFNBgaSS6B"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4f99975db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-twitter-white.svg
www.beingwelltogether.org/Assets/img/icons/
2 KB
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-twitter-white.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c5264e935b712ef08751b873fe365f0312be59f66257874c1eac86ef409e867

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TU7oQkE2ASv9m2EPgtEbqXtQ2MmK%2FPJvyv0ECgTlC5xj3hni%2Bxj0%2BABcA%2FF73fGcWoY5eCmCYfJfVJQ9ygDZ9RhYEGKCmdCjLAYPWNdrxB4JJU1uBbW2KGPt6I3Equ%2F0vURo%2BS2oWYKzTVzbU6LA8xzk%2BrDS78gy"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4f99d75db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-linkedin-white.svg
www.beingwelltogether.org/Assets/img/icons/
1 KB
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-linkedin-white.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171d43f5024c6898a87803a857f1de096d6cd68aca9985e76c45210260273a6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RNGK4arQ7EAT8sEQElxuf%2BlEckmBbejP83QNNQgiPUWAypji5hZ9YlT%2FvwadXBgh47JplUWHljzK6YMHZxKg%2BlBa0A6rDrhZ1zFvhdiJqC2%2BVx12ZNOVrdgjMUD5m8LVsChYAzJkLxpwf6s2FPZbGtN90XxD%2FSaw"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d4f9a075db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
icon-up.svg
www.beingwelltogether.org/Assets/img/icons/
791 B
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-up.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
127b23cee2b82a4b458ba3930a1df6b6d8c5e7acd321c7fc6c27fb1c24494691

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:42 GMT
server
cloudflare
etag
W/"0536e6fc6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rxeiGksyNBsebmiVlpqBkRjv0OnVQHcCgV8O9WRwCC%2F9YMK0MJlpOdOBjdlXPZkSVKrdgezuapFttmyzLQOxZ5%2BII7zV22iBp1ycyO89O2en%2FuNA0xKzve1UxCKZNy2geR0SsFXFpEofkeFz09ojIT%2Fe%2FMqMMOOx"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74d54a1275db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
insight.min.js
snap.licdn.com/li.lms-analytics/
8 KB
3 KB
Script
General
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNNBBV8
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dc8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date
Wed, 25 May 2022 10:06:05 GMT
Content-Encoding
gzip
Last-Modified
Wed, 13 Apr 2022 23:25:22 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=73244
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3085
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNNBBV8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
1879
date
Wed, 25 May 2022 09:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 25 May 2022 11:34:46 GMT
uwt.js
static.ads-twitter.com/
48 KB
14 KB
Script
General
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNNBBV8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
gzip
last-modified
Wed, 18 May 2022 16:49:30 GMT
etag
"39dd6daafb219ee61305f13521c2d060+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
14051
x-served-by
cache-iad-kjyo7100060-IAD, cache-hhn11552-HHN
iframe_api
www.youtube.com/
980 B
2 KB
Script
General
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KNNBBV8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9c59a36dd2ffea3407d3eb6002bf9bc283c2060c5977e7fb63126ec617a60e11
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
server
ESF
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 25 May 2022 10:06:05 GMT
adsct
analytics.twitter.com/i/
43 B
354 B
Image
General
Full URL
https://analytics.twitter.com/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=35009d7f-ecbc-4a3e-9fb1-e3bd5eba9b18&tw_document_href=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
106
date
Wed, 25 May 2022 10:06:05 GMT
server
tsa_f
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8bac19596e381e773680c280bf7c1398d1c8516c6122727be4d62bbe723b3c84
content-length
43
adsct
t.co/i/
43 B
337 B
Image
General
Full URL
https://t.co/i/adsct?type=javascript&version=2.3.12&p_id=Twitter&p_user_id=0&txn_id=1&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&tw_order_quantity=0&tw_sale_amount=0&tw_iframe_status=0&event_id=35009d7f-ecbc-4a3e-9fb1-e3bd5eba9b18&tw_document_href=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

x-response-time
104
date
Wed, 25 May 2022 10:06:05 GMT
server
tsa_f
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
679181899ebecd76c61f186f2cf846862fd669900426db5f6aeac18c0cc968ea
content-length
43
www-widgetapi.js
www.youtube.com/s/player/c5a4daa1/www-widgetapi.vflset/
157 KB
51 KB
Script
General
Full URL
https://www.youtube.com/s/player/c5a4daa1/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3262093fe3863f64d65231d919724ecc0d94cbd95c4d5ccb858d2e229f519ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:45:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
1252
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52193
x-xss-protection
0
last-modified
Mon, 23 May 2022 00:14:54 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 25 May 2023 09:45:14 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
884 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 09:55:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
658
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 25 May 2022 10:55:08 GMT
collect
px4.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2578218%26time%3D1653473166015%26url%3Dhttps%253A%252F%252Fwww.beingwelltogether....
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00...
  • https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC0...
0
264 B
Image
General
Full URL
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&liSync=true&e_ipv6=AQKnkJO9tCLEEAAAAYD6rkVE22EM-Y2WCJQ5uvE-7Gmw5bfuhw5uJHx1XUBAhGgCz2jfkGk
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Server
13.107.43.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 77F467BD3102420BA0BA100E3E17C036 Ref B: VIEEDGE2109 Ref C: 2022-05-25T10:06:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-proto
http/2
content-length
0
x-li-uuid
AAXf0zjDHi4OStrXP36IQA==
x-li-fabric
prod-ltx1

Redirect headers

date
Wed, 25 May 2022 10:06:06 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 0672A80F3222417CB02B65367EFFD101 Ref B: VIEEDGE1115 Ref C: 2022-05-25T10:06:06Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
location
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2578218&time=1653473166015&url=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&liSync=true&e_ipv6=AQKnkJO9tCLEEAAAAYD6rkVE22EM-Y2WCJQ5uvE-7Gmw5bfuhw5uJHx1XUBAhGgCz2jfkGk
x-li-proto
http/2
content-length
0
x-li-uuid
AAXf0zi+YOFkJY6+EnrgiQ==
forms2.css
app-lon03.marketo.com/js/forms2/css/
13 KB
3 KB
Stylesheet
General
Full URL
https://app-lon03.marketo.com/js/forms2/css/forms2.css
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
1856
content-length
2623
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
etag
"a02205-3437-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
710d74d7d8b97470-LHR
expires
Wed, 25 May 2022 14:06:06 GMT
forms2-theme-glow.css
app-lon03.marketo.com/js/forms2/css/
3 KB
1 KB
Stylesheet
General
Full URL
https://app-lon03.marketo.com/js/forms2/css/forms2-theme-glow.css
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
5237
vary
Accept-Encoding
content-length
952
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
etag
"a02208-d92-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
text/css
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
710d74d7e8bb7470-LHR
expires
Wed, 25 May 2022 14:06:06 GMT
arrow-down-bk.png
app-lon03.marketo.com/js/forms2/images/
1 KB
1 KB
Image
General
Full URL
https://app-lon03.marketo.com/js/forms2/images/arrow-down-bk.png
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/js/forms2/css/forms2-theme-glow.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app-lon03.marketo.com/js/forms2/css/forms2-theme-glow.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 03 May 2022 03:46:41 GMT
server
cloudflare
etag
"a02210-415-5de135b4bea40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
710d74d869997470-LHR
vary
Accept-Encoding
content-length
1045
expires
Wed, 25 May 2022 14:06:06 GMT
XDFrame
app-lon03.marketo.com/index.php/form/ Frame AE60
2 KB
861 B
Document
General
Full URL
https://app-lon03.marketo.com/index.php/form/XDFrame
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5e0e3f31c2ef249bdf2482535e3fb13ca52a1d56e63a3b474cb6f4d268590bc
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beingwelltogether.org/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
710d74d8da437470-LHR
content-encoding
gzip
content-length
653
content-type
text/html; charset=utf-8
date
Wed, 25 May 2022 10:06:06 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
strict-transport-security
max-age=63113904
vary
Accept-Encoding
x-content-type-options
nosniff
collect
stats.g.doubleclick.net/j/
7 B
452 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-660057-13&cid=236886850.1653473166&jid=781000827&gjid=501499040&_gid=527082878.1653473166&_u=aGBAgEAjAAAAAE~&z=1460197576
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:402::9c Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.beingwelltogether.org/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 25 May 2022 10:06:06 GMT
content-type
text/plain
access-control-allow-origin
https://www.beingwelltogether.org
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=pageview&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&dp=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgEAj~&jid=781000827&gjid=501499040&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cd2=1653473165775.38r39rob&cd3=2022-05-25T10%3A06%3A05.775%2B00%3A00&z=2065583461
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53092
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
forms2.min.js
app-lon03.marketo.com/js/forms2/js/ Frame AE60
205 KB
68 KB
Script
General
Full URL
https://app-lon03.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: app-lon03.marketo.com
URL: https://app-lon03.marketo.com/index.php/form/XDFrame
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.95.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
Security Headers
Name Value
Strict-Transport-Security max-age=63113904
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://app-lon03.marketo.com/index.php/form/XDFrame
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Tue, 03 May 2022 03:46:42 GMT
server
cloudflare
age
6030
etag
"a02202-3326e-5de135b5b2c80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=63113904
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
710d74d95b447470-LHR
vary
Accept-Encoding
expires
Wed, 25 May 2022 14:06:06 GMT
ga-audiences
www.google.com/ads/
42 B
63 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-660057-13&cid=236886850.1653473166&jid=781000827&_u=aGBAgEAjAAAAAE~&z=571089618
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 10:06:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/
42 B
501 B
Image
General
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-660057-13&cid=236886850.1653473166&jid=781000827&_u=aGBAgEAjAAAAAE~&z=571089618
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/get-involved/financial-wellbeing-cta-button/?mkt_tok=NjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 25 May 2022 10:06:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
icon-close-blue.svg
www.beingwelltogether.org/Assets/img/icons/
838 B
2 KB
Image
General
Full URL
https://www.beingwelltogether.org/Assets/img/icons/icon-close-blue.svg
Requested by
Host: www.beingwelltogether.org
URL: https://www.beingwelltogether.org/Assets/css/bwt.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a0e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e5371baad8660b6b01efd5825e50c590070551b2c4f09e6ca3150cbe2990965

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/Assets/css/bwt.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date
Wed, 25 May 2022 10:06:06 GMT
content-encoding
br
cf-cache-status
BYPASS
last-modified
Fri, 01 Oct 2021 13:15:40 GMT
server
cloudflare
etag
W/"0263d6ec6b6d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9fY%2Bduy7rOe2w0Y5zQPcCFNehh0VzZ6ME8yLf9prQZwjqxlLvKpO75M%2BDq7iTBDZ4WkbkqKFGV%2FNNz2qh5IAaXBtfVbFw5xiTwLkaRFn7sBqqecZkA0DFZ55b%2BnpMlu9RUwdH0S8E2czogIsGzXTH%2B%2BRpOXRpSI"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public,max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
710d74db8dc475db-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Client%20Id&ea=undefined&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cd1=236886850.1653473166&z=732687618
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=interaction-time&ea=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&ev=1&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cm2=1&z=1043291122
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page-scroll&ea=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&el=25%25-50%25&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cd3=2022-05-25T10%3A06%3A07.99%2B00%3A00&cm1=1&z=118973578
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=interaction-time&ea=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&ev=0&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cm2=0&z=1319343905
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=page-scroll&ea=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&el=50%25-75%25&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cd3=2022-05-25T10%3A06%3A07.115%2B00%3A00&cm1=1&z=2133635564
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=671518579&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.beingwelltogether.org%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F%3Fmkt_tok%3DNjM4LVhFSC00ODcAAAGEmW8G_PdC7g_Shd7nkl599R1imsQ1c4ZLdheAIB-xEttUHx4O-8qEHtN1lM7Okcx_ktv0ESymmZHL8yF_nA-WgJmhKNJw5UnzA2oy4vYfbhc&dr=http%3A%2F%2Finfo.beingwelltogether.org%2F&ul=en-us&de=UTF-8&dt=Financial%20Wellbeing%20-%20Please%20contact%20me%20%7C%20Being%20Well%20Together&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=interaction-time&ea=%2Fget-involved%2Ffinancial-wellbeing-cta-button%2F&ev=0&_u=aHDAgEAjAAAAAE~&jid=&gjid=&cid=236886850.1653473166&tid=UA-660057-13&_gid=527082878.1653473166&gtm=2wg5n0KNNBBV8&cm2=0&z=39015082
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.beingwelltogether.org/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 May 2022 19:21:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
53093
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| html5 object| Modernizr object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| dataLayer function| validateSearch object| MktoForms2 function| $ function| jQuery object| EasyAutocomplete function| FastClick function| _ object| Handlebars function| deparam function| Cookies function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| JST object| bsc string| domain object| google_tag_manager function| postscribe object| google_tag_manager_external string| _linkedin_data_partner_id object| google_tag_data string| GoogleAnalyticsObject function| ga function| twq object| recaptcha object| regeneratorRuntime object| twttr object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| gaplugins object| gaGlobal object| gaData function| lintrk boolean| _already_called_lintrk object| jQuery112404126954068048423 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytExports object| ytLoggingTransportGELQueue_ object| ytLoggingTransportGELProtoQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ number| newTimestamp number| lastTimestamp number| diff

22 Cookies

Domain/Path Name / Value
www.beingwelltogether.org/ Name: ASP.NET_SessionId
Value: btggzm24jjw2ybejb4n5wks3
www.beingwelltogether.org/ Name: merchello
Value: F08DC97490919B3764B2DC86699FB245E9A40E8FE6D21E5BD12C2A5A97A49A80307598D33BD01A84FFD7914A1E77319D18A640F1C54C4B2343D5848C4E4BEB55FFA402B45A24F54C9F3DCE681A9612D8205F5E185C00DCA03E84A1933182C9F5B84C4512A5BDB6D4FFDBA406E6FCCFD450AA4F54270D9A95ED0610BA7D45AA7E50A4EABB547D772B4F5D8AEC574991BC5BF05378E0CF77C2205C9E161EFF79CD084FE432E6D0788CC773153A6861CFB9E102B97305EBBFDC76A3149EF3BC9CECB2C5EEDF13D3666111BEE555F98B46F5E30CC517
.app-lon03.marketo.com/ Name: __cf_bm
Value: _F44jIX.EJVEt9ArFBXsH1lDpkAWrv1g5W4XWVTkcMs-1653473165-0-AZfC7x5NtYxSdwYMxlSzTSVjF/zfIh+dA76s0f8kW3XBdHSjGAzEmBMih1IDlulUZ9WIa40jMgKDOJKBkjoSNtU=
.youtube.com/ Name: YSC
Value: ArsYd-s6kK0
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: e3k8LAxaCwU
.beingwelltogether.org/ Name: _ga
Value: GA1.2.236886850.1653473166
.beingwelltogether.org/ Name: _gid
Value: GA1.2.527082878.1653473166
.twitter.com/ Name: personalization_id
Value: "v1_J3PlXCb16OByiOGfXnwrcg=="
.t.co/ Name: muc_ads
Value: 618dbaca-449e-474c-9af3-ee00db89b732
.beingwelltogether.org/ Name: _dc_gtm_UA-660057-13
Value: 1
.linkedin.com/ Name: UserMatchHistory
Value: AQLW5HSdmIJDJQAAAYD6rkOTAACIL5iImj-Z1mGqHLygRYA8lBnWht6kOMpHXJQK78bYmExSpjwCwg
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQK0TkxrMaYoiwAAAYD6rkOTHOEPGhxiec-6e7crSheB7LATiYKpd9HXCXKaRTtCnVuUp1vM22k--G1LISLzSQ
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1f4cce3d-7bdb-4551-8cbe-c77c3f2493b3"
.linkedin.com/ Name: lidc
Value: "b=TGST09:s=T:r=T:a=T:p=T:g=2305:u=1:x=1:i=1653473166:t=1653559566:v=2:sig=AQEA2JobNlLkmGCP0Y9xq9JeedEdsOZX"
.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.com/ Name: bscookie
Value: "v=1&20220525100606efcc92ed-e196-4b7b-87cd-8945041bb87eAQHTka9e8ZC0cQbH2tY5nPddLMASAKtj"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTM0NzMxNjY7MjswMjHLIj6F5uNiMs09ZfQTUoZ6j1idoQqBIY0C0npMglZ6DQ==
www.beingwelltogether.org/ Name: AWSALBTG
Value: YT5FEFabdkgv2mjdfm7JHUhFvVy+eDdhi5B8HYE/cY3JfmHQJ6pw+XAPLIUJgQ/ttWPYIwsZq9I32C/OAVVVQu9elIfAnyDlbVgrDbaFfmC6m5ff7Vz8C8qaQaG8CigQqw7qxAt2H2cGHmHqoAXh6bVDg4miqFfX3HxOV/TF3V5h2bDZbcs=
www.beingwelltogether.org/ Name: AWSALBTGCORS
Value: YT5FEFabdkgv2mjdfm7JHUhFvVy+eDdhi5B8HYE/cY3JfmHQJ6pw+XAPLIUJgQ/ttWPYIwsZq9I32C/OAVVVQu9elIfAnyDlbVgrDbaFfmC6m5ff7Vz8C8qaQaG8CigQqw7qxAt2H2cGHmHqoAXh6bVDg4miqFfX3HxOV/TF3V5h2bDZbcs=
www.beingwelltogether.org/ Name: AWSALB
Value: cFyLYFzvejh6Zh/VcVo9Picbvzfky382II6KkYuZoZiVOlnHKUZ9mAWaV4hYCYU/2siSv7Sa2Mj/6vgmUZ3zixUJmAPZsCqt+/Yk9T8D9CMlyccuapr8IctsnanA
www.beingwelltogether.org/ Name: AWSALBCORS
Value: cFyLYFzvejh6Zh/VcVo9Picbvzfky382II6KkYuZoZiVOlnHKUZ9mAWaV4hYCYU/2siSv7Sa2Mj/6vgmUZ3zixUJmAPZsCqt+/Yk9T8D9CMlyccuapr8IctsnanA

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self'; img-src 'self';script-src 'self' 'sha256-A+L7xqzJR8aZBmjMWVb9/WDrE3iS/6zQ0nCamw8+nRU=';object-src 'none';form-action 'none';frame-src 'none'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
app-lon03.marketo.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
info.beingwelltogether.org
px.ads.linkedin.com
px4.ads.linkedin.com
services.postcodeanywhere.co.uk
snap.licdn.com
static.ads-twitter.com
stats.g.doubleclick.net
t.co
www.beingwelltogether.org
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.youtube.com
104.16.95.80
104.244.42.131
104.244.42.5
13.107.43.14
199.232.136.157
2606:4700:3036::ac43:a0e7
2606:4700::6811:190e
2620:1ec:22::14
2a00:1450:4001:800::2004
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2008
2a00:1450:4001:813::2003
2a00:1450:4001:827::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2003
2a00:1450:4025:402::9c
2a02:26f0:3500:7::17d8:4dc8
34.117.233.127
95.138.158.240
0447c74c3d101b8e76b1ab81fbb88f5a41996b2be7ba6d8d0a10b34efb60255f
08d980a0078833500164c11d121da467e86838848192c828ff01a15575352bbe
127b23cee2b82a4b458ba3930a1df6b6d8c5e7acd321c7fc6c27fb1c24494691
14f2ec002b176e0dee403cb7dd4ef2274a1353080e1e3e4084678770f4c15b9c
171d43f5024c6898a87803a857f1de096d6cd68aca9985e76c45210260273a6d
1d672340f65c5fe96aa4bab155ba3f08014d872cdc115bee3d19332a54586784
256e42104f48a5fa80b031da12dc56acde224fba3f9810f8f8192b39136d365a
27bd861b19ebd6beeadfe1928b5ea02d9029291f884d0fa1fa3e7eef15e50f0a
28f7867ed82ffde54a0078cff53dd4aec1d6989a30b2899b9116e6f0c05984f0
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
4e5371baad8660b6b01efd5825e50c590070551b2c4f09e6ca3150cbe2990965
51101033cdc7329ffed942af014f90c54110aada6d7790841986beb3fd93ffef
54b1a318711ed45da6f1a787a0b0f601199c8676b7d565a4163674833c64b0a0
56533e637a5c980ba4c1653ed7eea219cdbd2e86f1448c1aa38c538cb1f89285
788b4b14ec9f43877f386cc49c67218b664c545f048468334b493b7d238f89f4
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88499691ba96262432a4badc970121cf8e6e7617cb371851378991f89d55b2cf
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9434dddcdf38e072b039bb92f9e90639ec0e0563e8ff51604a60d91830c29289
94a6986110b37fdabf6ec326fe199098afd95e5575ed7a78e37558bac56d89db
9c5264e935b712ef08751b873fe365f0312be59f66257874c1eac86ef409e867
9c59a36dd2ffea3407d3eb6002bf9bc283c2060c5977e7fb63126ec617a60e11
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b0aa8601eaf3c4c074b03d3ccf49c4feaa79b398e9ece1db908ef6e1cc274be2
b3262093fe3863f64d65231d919724ecc0d94cbd95c4d5ccb858d2e229f519ef
b61cb7b73d1eb7283507fd8f0f9e164c13d61f3790ba02c4bc918f02c992d316
b6ad5a27603f75a791cac31650e628994529f4692654f074e6a365b006911bee
cef1f2042c939f4afe4f85971f201e5588c94e60ef66e4cec9318aa7ca2d5741
d217d238f3f2648014fb12906dca5366954ffa6256d160726190d9e0e9c8376a
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d58e27cc22bc402225dc43986efaef510f72a5960c645f6e7cb546941d065edb
d5e0e3f31c2ef249bdf2482535e3fb13ca52a1d56e63a3b474cb6f4d268590bc
d7235de4c362042455610b34f76b932bd75fd2a8418b2be7b73278fa2aa98874
db08728a04972b8c3eeaffa7528fbeafc6fbc5af39d08e7628e1943fb0c6a9b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e753a034ec1f20e50bebbb78847c2c6fbb138f6bbd854216e57078b44c384200
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7d2621cbb0ccbd1433ea27174dbe65a6f7024cf765005727996b86df174509
efd0c5d34e459e8199af5d95b25051222bff7c890303ae723653447aaedc07ea
f0c694cc82e76bcd4aa4315b527a793949c27393a9e020cf65ae1ed87d370a2d
f16504cdaf2303d0ce120a46fba4b8e5019ff658e6293e16efd1686606cf3e0d
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
fc4975bd5c8039a43c369b00294f4a971a4a70d94684c71f2f361a9ec24cd4f7