Submitted URL: https://bskinnywrap.com/
Effective URL: https://itworks.com/
Submission: On November 13 via api from US — Scanned from DE

Summary

This website contacted 31 IPs in 4 countries across 19 domains to perform 435 HTTP transactions. The main IP is 2606:4700::6812:1183, located in United States and belongs to CLOUDFLARENET, US. The main domain is itworks.com. The Cisco Umbrella rank of the primary domain is 933839.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.
This is the only time itworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
1 1 2606:4700::68... 13335 (CLOUDFLAR...)
1 54 104.18.16.131 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 172.217.18.106 15169 (GOOGLE)
8 142.250.186.99 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
8 151.101.66.217 54113 (FASTLY)
13 2606:4700::68... 13335 (CLOUDFLAR...)
8 3.209.131.209 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
3 76.223.31.44 16509 (AMAZON-02)
5 216.239.34.36 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.227 15169 (GOOGLE)
1 123 104.18.17.131 13335 (CLOUDFLAR...)
2 2600:9000:205... 16509 (AMAZON-02)
4 34.107.203.234 396982 (GOOGLE-CL...)
85 2a04:4e42:200... 54113 (FASTLY)
23 2a04:4e42:200... 54113 (FASTLY)
14 151.101.65.91 54113 (FASTLY)
8 2600:9000:211... 16509 (AMAZON-02)
3 2a04:4e42:600... 54113 (FASTLY)
11 18.173.205.94 16509 (AMAZON-02)
1 52.22.103.159 14618 (AMAZON-AES)
10 2600:9000:211... 16509 (AMAZON-02)
2 2600:9000:236... 16509 (AMAZON-02)
435 31
Apex Domain
Subdomains
Transfer
190 itworks.com
bmoochler.itworks.com
services.itworks.com
cmsproxy.itworks.com
itworks.com — Cisco Umbrella Rank: 933839
6 MB
99 kc-usercontent.com
assets-us-01.kc-usercontent.com — Cisco Umbrella Rank: 72824
2 MB
54 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 6216 Failed
embed-ssl.wistia.com — Cisco Umbrella Rank: 11912
distillery.wistia.com — Cisco Umbrella Rank: 10429
embed-cloudfront.wistia.com
pipedream.wistia.com — Cisco Umbrella Rank: 10414
4 MB
19 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 740
events.launchdarkly.com — Cisco Umbrella Rank: 920
clientstream.launchdarkly.com — Cisco Umbrella Rank: 945
8 KB
8 gstatic.com
fonts.gstatic.com
71 KB
8 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 502
195 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 65
region1.google-analytics.com — Cisco Umbrella Rank: 2944
21 KB
4 luckyorange.com
settings.luckyorange.com — Cisco Umbrella Rank: 15475
404 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 64
227 KB
3 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 6502
browser.sentry-cdn.com — Cisco Umbrella Rank: 4977
27 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 171
td.doubleclick.net — Cisco Umbrella Rank: 231
621 B
3 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3604
3 myitworks.com
bmoochler.myitworks.com
static.myitworks.com
1 KB
2 cloudfront.net
d20519brkbo4nz.cloudfront.net
5 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 743
7 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 923
29 KB
1 litix.io
fg8vvsvnieiv3ej16jby.litix.io — Cisco Umbrella Rank: 32784
1 google.de
www.google.de — Cisco Umbrella Rank: 8378
63 B
1 bskinnywrap.com
bskinnywrap.com
319 B
435 19
Domain Requested by
99 assets-us-01.kc-usercontent.com
62 cmsproxy.itworks.com bmoochler.itworks.com
itworks.com
61 itworks.com 1 redirects bmoochler.itworks.com
itworks.com
54 bmoochler.itworks.com 1 redirects bmoochler.itworks.com
static.cloudflareinsights.com
23 fast.wistia.com bmoochler.itworks.com
itworks.com
fast.wistia.com
13 services.itworks.com bmoochler.itworks.com
itworks.com
11 distillery.wistia.com itworks.com
10 embed-cloudfront.wistia.com itworks.com
8 embed-ssl.wistia.com
8 events.launchdarkly.com bmoochler.itworks.com
itworks.com
8 app.launchdarkly.com bmoochler.itworks.com
itworks.com
8 fonts.gstatic.com bmoochler.itworks.com
itworks.com
8 maps.googleapis.com bmoochler.itworks.com
maps.googleapis.com
itworks.com
5 region1.google-analytics.com bmoochler.itworks.com
www.googletagmanager.com
itworks.com
4 settings.luckyorange.com bmoochler.itworks.com
itworks.com
4 www.googletagmanager.com bmoochler.itworks.com
www.googletagmanager.com
itworks.com
3 region1.analytics.google.com bmoochler.itworks.com
itworks.com
3 clientstream.launchdarkly.com
2 pipedream.wistia.com itworks.com
2 js.sentry-cdn.com fast.wistia.com
2 d20519brkbo4nz.cloudfront.net bmoochler.itworks.com
itworks.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 static.myitworks.com
2 static.cloudflareinsights.com bmoochler.itworks.com
itworks.com
2 www.google-analytics.com bmoochler.itworks.com
itworks.com
2 code.jquery.com bmoochler.itworks.com
itworks.com
1 fg8vvsvnieiv3ej16jby.litix.io itworks.com
1 browser.sentry-cdn.com js.sentry-cdn.com
1 www.google.de
1 td.doubleclick.net www.googletagmanager.com
1 bmoochler.myitworks.com 1 redirects
1 bskinnywrap.com 1 redirects
435 32
Subject Issuer Validity Valid
itworks.com
Cloudflare Inc ECC CA-3
2024-03-06 -
2024-12-31
10 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03
2024-07-16 -
2025-08-14
a year crt.sh
myitworks.com
WE1
2024-09-26 -
2024-12-25
3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02
2024-07-16 -
2025-08-14
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.de
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
settings.luckyorange.com
R11
2024-10-08 -
2025-01-06
3 months crt.sh
*.kc-usercontent.com
R11
2024-10-14 -
2025-01-12
3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
*.wistia.com
Amazon RSA 2048 M02
2024-01-01 -
2025-01-28
a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2
2024-06-04 -
2025-07-06
a year crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M02
2024-08-13 -
2025-09-11
a year crt.sh
*.litix.io
Amazon RSA 2048 M02
2024-06-23 -
2025-07-21
a year crt.sh
pipedream-production-cloudfront-app-cname.wistia.com
Amazon RSA 2048 M03
2024-08-11 -
2025-09-09
a year crt.sh

This page contains 4 frames:

Primary Page: https://itworks.com/
Frame ID: B4E4373B0899B92640244706CCF1A777
Requests: 390 HTTP requests in this frame

Frame: https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 1D0D8DCA3B1F64C31F7C097EA20EE374
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-B9ZCN4XJNP&gacid=22383634.1731501571&gtm=45je4b70v890894587za200zb79783485&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102067554~102077855&z=1212340959
Frame ID: 309E9464047EF392B625898E8BB3987A
Requests: 1 HTTP requests in this frame

Frame: https://itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Frame ID: 0CC8CEF9E5C2D659748AE6EF2F5346C5
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home | IT WORKS!

Page URL History Show full URLs

  1. https://bskinnywrap.com/ HTTP 301
    http://bmoochler.myitworks.com/ HTTP 307
    https://bmoochler.myitworks.com/ HTTP 302
    https://bmoochler.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
  • browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

435
Requests

94 %
HTTPS

56 %
IPv6

19
Domains

32
Subdomains

31
IPs

4
Countries

13499 kB
Transfer

28840 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://bskinnywrap.com/ HTTP 301
    http://bmoochler.myitworks.com/ HTTP 307
    https://bmoochler.myitworks.com/ HTTP 302
    https://bmoochler.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://bskinnywrap.com/ HTTP 301
  • http://bmoochler.myitworks.com/ HTTP 307
  • https://bmoochler.myitworks.com/ HTTP 302
  • https://bmoochler.itworks.com/
Request Chain 25
  • https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js
Request Chain 207
  • https://itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js

435 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bmoochler.itworks.com/
Redirect Chain
  • https://bskinnywrap.com/
  • http://bmoochler.myitworks.com/
  • https://bmoochler.myitworks.com/
  • https://bmoochler.itworks.com/
20 KB
5 KB
Document
General
Full URL
https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d3af439cec91b18b37644c79a0b7c0eebc3b52de7d8cb56337fe2971279b5f19
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e1ed2fa3b942bb5-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 12:39:22 GMT
last-modified
Tue, 12 Nov 2024 20:16:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
8e1ed2f0ebc56acc-FRA
Cache-Control
private,no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/html; Charset=utf-8
Date
Wed, 13 Nov 2024 12:39:21 GMT
Server
cloudflare
Transfer-Encoding
chunked
expires
0
location
https://bmoochler.itworks.com
pragma
no-cache
x-frame-options
SAMEORIGIN
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e4a"
age
1492234
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:23 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
1, 152418
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21935-LGA, cache-fra-eddf8230157-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1731501564.600524,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29811
server
nginx
js
maps.googleapis.com/maps/api/
239 KB
81 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
b3a37accd72a5b61cd9c09efe0866713ac332ac9d703948c835ab4a2ab920530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
d660d06a
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82068
date
Wed, 13 Nov 2024 12:39:23 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
311 KB
95 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58e865290669671cf05e81228171fd65e9b2358b6315371b929c8af58c768654
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 13 Nov 2024 12:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96770
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
age
755
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 14:26:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:26:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
runtime.9bc0ca4a1421af2a.js
bmoochler.itworks.com/portal/
3 KB
2 KB
Script
General
Full URL
https://bmoochler.itworks.com/portal/runtime.9bc0ca4a1421af2a.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ca740ddb39784283b5896d018acd661341698bb5c5b7dcdeaa942d23e8571e8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"dd9-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:23 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:23 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed30299462bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
polyfills.4eabdd1b793ab22a.js
bmoochler.itworks.com/portal/
69 KB
25 KB
Script
General
Full URL
https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"11535-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:23 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:23 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed30299472bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
scripts.7f0b88fdce9e9506.js
bmoochler.itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://bmoochler.itworks.com/portal/scripts.7f0b88fdce9e9506.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1ea78-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:24 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed3079ccb2bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
main.92d072141887f25d.js
bmoochler.itworks.com/portal/
3 MB
775 KB
Script
General
Full URL
https://bmoochler.itworks.com/portal/main.92d072141887f25d.js
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7e5d88e6af96d0448e1c6e8cd2225192d23d49534a3a3f2ef3c7c158758b106
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"306a94-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:23 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed30299482bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e1ed30b6c84dbf7-FRA
access-control-allow-origin
*
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
44 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Wed, 13 Nov 2024 12:39:24 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
styles.d19a8d17d4550d96.css
bmoochler.itworks.com/portal/
1 MB
170 KB
Stylesheet
General
Full URL
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac722ff914b53d8a19b32c6fea6a45776ea7fa518f4fca32c7011775feedab56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10eeca-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:24 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed3079ccc2bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

age
595161
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
411 KB
132 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df25caef019af70aaa3666f122de83b5b69b2f08089204ca04d61d9a85362821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 12:39:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134923
x-xss-protection
0
server
Google Tag Manager
common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/
267 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
415683bd714195a6f4c3c6d729c1e8f5061a26b5edf54cc5ac1317ad3309d7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
br
age
18219
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 07:35:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 07:35:50 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56957
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/
191 KB
58 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
f997e0f2a67fae6c99b9466b56e583964feecb57b1635eaf35b4c8fbcc510919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
br
age
17398
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 07:49:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 07:49:31 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59598
x-xss-protection
0
server
sffe
styles.d19a8d17d4550d96.css
bmoochler.itworks.com/portal/
1 MB
0
Stylesheet
General
Full URL
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac722ff914b53d8a19b32c6fea6a45776ea7fa518f4fca32c7011775feedab56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10eeca-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:24 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed3079ccc2bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587z879783485za200zb79783485&_p=1731501563248&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=12696
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bmoochler.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:31 GMT
content-type
text/plain
server
Golfe2
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 13 Nov 2024 12:39:32 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-etou8220113-FRA
x-timer
S1731501573.724321,VS0,VE0
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 13 Nov 2024 12:39:32 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220113-FRA
x-timer
S1731501573.724222,VS0,VE1
level
bmoochler.itworks.com/api/log/
20 B
216 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log/level
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

cf-cache-status
DYNAMIC
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
access-control-allow-credentials
true
cf-ray
8e1ed33d19cf2bb5-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
date
Wed, 13 Nov 2024 12:39:32 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-powered-by
Express
server
cloudflare
countries
services.itworks.com/countries/v1/
3 KB
959 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
3623389c16268ecb1300a08afc7444a4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:33 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:33 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
996ef7e1-9413-42e0-822f-c119dc8682b7
last-modified
Wed, 13 Nov 2024 12:39:33 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed33d8fcd9b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
bmoochler.itworks.com/ajax/
1 KB
987 B
XHR
General
Full URL
https://bmoochler.itworks.com/ajax/bag
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6965d6d01fe670585f9015262de4b87f8f2702ad2058765524991134a7ad1239
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8e1ed33d29dc2bb5-FRA
expires
Tue, 12 Nov 2024 12:39:32 GMT,0
x-iwgtime
11/13/2024 6:39:33 AM
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
180 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://bmoochler.itworks.com/

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 13 Nov 2024 12:39:32 GMT
content-type
application/json
x-served-by
cache-fra-etou8220113-FRA
x-cache-hits
16
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1731501573.742607,VS0,VE0
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
44 KB
6 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72c93bd5f9f4d0f826db9176bf79f8465ee1639745521aa586541751bd2c39ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://bmoochler.itworks.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"523dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
HIT
date
Wed, 13 Nov 2024 12:39:32 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-eddf8230091-FRA, cache-fra-etou8220113-FRA
x-cache-hits
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1731501573.742583,VS0,VE2
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6045
main.js
bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 1D0D
Redirect Chain
  • https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f2a58e1d325ca7f1cf8a1aba958d7dc5d9fb770ce9095a9d8be0de99267f8ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8e1ed33e2a862bb5-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:32 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8e1ed33d7a0a2bb5-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:32 GMT
vary
Accept-Encoding
server
cloudflare
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Wed, 13 Nov 2024 12:39:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587za200zb79783485&_p=1731501563248&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=2&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=5&tfd=14281
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bmoochler.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:32 GMT
content-type
text/plain
server
Golfe2
rum
bmoochler.itworks.com/cdn-cgi/
0
145 B
XHR
General
Full URL
https://bmoochler.itworks.com/cdn-cgi/rum?
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://bmoochler.itworks.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e1ed33e0a6f2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
date
Wed, 13 Nov 2024 12:39:32 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed33e5ab92bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:32 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
1 KB
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

Content-Encoding
gzip
CF-Cache-Status
HIT
etag
W/"28dcb8f1704cd91:0"
Age
4943
Expires
Wed, 13 Nov 2024 16:39:32 GMT
Date
Wed, 13 Nov 2024 12:39:32 GMT
Content-Type
image/svg+xml
last-modified
Wed, 01 Mar 2023 19:06:35 GMT
Vary
Accept-Encoding
access-control-allow-headers
Content-Type,Authorization
Transfer-Encoding
chunked
Cache-Control
public, max-age=14400
Connection
keep-alive
CF-RAY
8e1ed33f0bd0dc8e-FRA
access-control-allow-origin
*
Server
cloudflare
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
44 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
8e1ed2fa3b942bb5
bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 1D0D
0
666 B
XHR
General
Full URL
https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e1ed2fa3b942bb5
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e1ed33f9bd92bb5-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587z879783485za200zb79783485&_p=1731501563248&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=3&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=14.27&_et=1573&tfd=14804
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bmoochler.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587za200zb79783485&_p=1731501563248&_gaz=1&gcs=G111&gcu=1&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554~102077855&gcut=3&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=4&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=22383634.1731501571&ep.ga_temp_ecid=1694987449&_et=518&tfd=14804
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bmoochler.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
558 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=22383634.1731501571&gtm=45je4b70v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101823848~101925629~102067554~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://bmoochler.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:33 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 309E
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-B9ZCN4XJNP&gacid=22383634.1731501571&gtm=45je4b70v890894587za200zb79783485&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101823848~101925629~102067554~102077855&z=1212340959
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://bmoochler.itworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 13 Nov 2024 12:39:33 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B9ZCN4XJNP&cid=22383634.1731501571&gtm=45je4b70v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101823848~101925629~102067554~102077855&tag_exp=101823848~101925629~102067554~102077855&z=259979178
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Wed, 13 Nov 2024 12:39:33 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
US
services.itworks.com/countries/v1/countrysettings/
709 B
605 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
96b5f3e5e88e6fbdff7027beb4b609e4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:34 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
623b848a-2ccd-4473-8ed6-c4765d1b01a4
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed3448bd29b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
US
services.itworks.com/countries/v1/countrysettings/
709 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
96b5f3e5e88e6fbdff7027beb4b609e4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:34 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
623b848a-2ccd-4473-8ed6-c4765d1b01a4
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed3448bd29b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
26 KB
6 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88b75fc8e1926273a00509c072bc40072cf9482950db4fb0f6c10e4b2527fac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
46
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230093-FRA, cache-fra-eddf8230058-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730621576.537096,VS0,VE396
referrer-policy
no-referrer
cf-ray
8e1ed3472e3d364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6096
server
cloudflare
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed346bdca364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
bmoochler
services.itworks.com/customer/v1/profiles/
0
490 B
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/bmoochler
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
c1fdca9db40f40d352e8721e82e51d7e
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 12:40:05 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
messageid
b58010b7-9607-4338-9816-5bee1ef29838
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed3483ef3d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
28 KB
7 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1dd8c727d9e4a5785f82ae48888b3077bd31df51052fe983e510d6d4a82c1d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
54
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220102-FRA, cache-fra-eddf8230133-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730606272.875628,VS0,VE380
referrer-policy
no-referrer
cf-ray
8e1ed3489fa6364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6211
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
71 KB
13 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686472c4e28141b1b8b4433c5b529cb74fc99219396897f6daafed92b4b50378
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
45
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230047-FRA, cache-fra-eddf8230071-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437169.117125,VS0,VE415
referrer-policy
no-referrer
cf-ray
8e1ed3489fb2364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12324
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
4 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230041-FRA, cache-fra-eddf8230138-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437437.867557,VS0,VE385
referrer-policy
no-referrer
cf-ray
8e1ed3489fb0364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1588
server
cloudflare
lo.js
d20519brkbo4nz.cloudfront.net/core/
13 KB
5 KB
Script
General
Full URL
https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/main.92d072141887f25d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

content-encoding
gzip
etag
"2e76f2975071a8eb95d665a06b06cae4"
age
2946
x-cache
Hit from cloudfront
x-amz-cf-id
mrjYGaNohwRtvJyCYtGqXmUy96OmKL-AFDH7UJoNF4XYxijq9cqUeQ==
date
Wed, 13 Nov 2024 11:50:29 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Wed, 06 Nov 2024 20:50:22 GMT
cache-control
max-age=3600
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4678
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed3483f40364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed3485f64364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed3485f66364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
165 KB
31 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
125
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230083-FRA, cache-fra-eddf8230100-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731473694.124149,VS0,VE458
referrer-policy
no-referrer
cf-ray
8e1ed349e8f3364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
31240
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
429 KB
111 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
337
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230035-FRA, cache-fra-eddf8230122-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731463838.265687,VS0,VE494
referrer-policy
no-referrer
cf-ray
8e1ed349e8f1364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
112752
server
cloudflare
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
66 KB
11 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
42
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220136-FRA, cache-fra-eddf8230113-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730466506.360495,VS0,VE389
referrer-policy
no-referrer
cf-ray
8e1ed349e8f0364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10580
server
cloudflare
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed349a8bf364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed349a8c0364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed349a8c1364d-FRA
date
Wed, 13 Nov 2024 12:39:34 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
ico-close-small-white.svg
bmoochler.itworks.com/portal/
383 B
620 B
Image
General
Full URL
https://bmoochler.itworks.com/portal/ico-close-small-white.svg
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"17f-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:35 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed349fc692bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

age
592984
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:56:30 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Event-Schema
4
Referer
https://bmoochler.itworks.com/
X-LaunchDarkly-Payload-ID
566e7da0-a1bc-11ef-b1a4-03fda59e95f6
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
b5b84745
settings.luckyorange.com/
149 B
239 B
Fetch
General
Full URL
https://settings.luckyorange.com/b5b84745
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

x-lucky-uid
undefined
Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC1030F36A
x-timer
S1731501576.491388,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2930
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:17 GMT
x-served-by
cache-iad-kjyo7100104-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/
462 B
598 B
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC2354D19C
x-timer
S1731501576.491793,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
462
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:49 GMT
x-served-by
cache-iad-kcgs7200171-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/
785 B
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC53EA59EEDAB8
x-timer
S1731501576.491771,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
785
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Apr 2024 14:28:37 GMT
x-served-by
cache-iad-kjyo7100051-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 0
icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC4AD3F6A5
x-timer
S1731501576.492119,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1193
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:15:55 GMT
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

age
133353
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 23:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 23:37:02 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
details
services.itworks.com/customer/v1/profiles/bmoochler/
0
454 B
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/bmoochler/details
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
8d20cc23f0c7f643abe7b4f8cc2e8d2f
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 12:40:05 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
messageid
57e53817-7a8b-4226-b9b1-0ac165e96bee
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34bdfe9d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
bmoochler.itworks.com/ajax/
1 KB
987 B
XHR
General
Full URL
https://bmoochler.itworks.com/ajax/bag
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8e1ed34c1e042bb5-FRA
expires
Tue, 12 Nov 2024 12:39:34 GMT,0
x-iwgtime
11/13/2024 6:39:35 AM
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
countrysettings
services.itworks.com/countries/v1/
11 KB
2 KB
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
6dd7c8babc09999a812d10b9803d2445
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:35 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
ccda9b2a-4a92-4ae3-9dae-7583922a84db
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34c28c4d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c6e462bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c6e4c2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c7e5a2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c7e5b2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c7e612bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c7e622bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c8e702bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c9e712bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c9e742bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34c9e762bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cae802bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cae812bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cae8b2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cae8d2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cbe922bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cbe932bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cce9a2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cce9d2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34ccea22bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34ccea52bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34cdeb22bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
It%20Works%21%20Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/
6 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/It%20Works%21%20Logo.svg?h=25&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DCE13612E784DA
x-timer
S1731501577.530270,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
6005
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Mon, 30 Sep 2024 09:55:54 GMT
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-etou8220090-FRA
x-cache-hits
9, 1
Daily_Routine_WEB_2000x2000.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/Daily_Routine_WEB_2000x2000.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=767146 idim=2000x2000 ifmt=jpeg ofsz=3610 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"EHFptWvevg/7gDBdULgzNx8gcObg45WaVVgAuIhnVGs"
x-timer
S1731501576.492481,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3610
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200105-IAD, cache-fra-etou8220090-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/Listing%20Image-Slimming%20Trio%20Essentials%20System.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=491364 idim=1080x1080 ifmt=png ofsz=18276 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"hNyQARwXrw5DMuNnmhYuMkQASzKZSGoBhbXpKfbiG4o"
x-timer
S1731501577.528591,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18276
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220090-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/
7 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=422817 idim=1080x1080 ifmt=png ofsz=17420 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"94H+b0/xmLnGmRTrA+lBiGvs6oSjgq8dxy1xChr8ZgM"
x-timer
S1731501577.530238,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17420
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img07-us-east4
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200085-IAD, cache-fra-etou8220090-FRA
x-cache-hits
40, 0
SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=748668 idim=1080x1080 ifmt=png ofsz=18850 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"zJq4RwfoZcWNVb6smCq/S2UDlO2pZ/0GZiYAU9G2iww"
x-timer
S1731501577.524566,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18850
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100126-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
FLAT_FLAT1027_US_900px.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/
4 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/FLAT_FLAT1027_US_900px.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=116993 idim=900x900 ifmt=jpeg ofsz=4402 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"Ordn/fJPemS2uS8kjEL2JhxdEkPkSpwZqU3bPW2hI1E"
x-timer
S1731501577.524121,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4402
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200138-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/
7 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=735680 idim=1080x1080 ifmt=png ofsz=20632 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"05yNz5HgXL6bOgCv6BhV1uWL3NyHiHD1zEhqMa5X2Y8"
x-timer
S1731501577.530677,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
20632
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200054-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=647231 idim=1080x1080 ifmt=png ofsz=18164 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"wCjiigwKIFqu44d4wZ6lvkkYe5lke/ihqT94TKaMDq4"
x-timer
S1731501577.524145,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18164
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
listing%20image-Morning%20Trio-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/listing%20image-Morning%20Trio-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=588781 idim=1080x1080 ifmt=png ofsz=19724 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"T3DiB0ISd+pu96omkJkY0sM9wqPoVYR7qUoPtbLTyIc"
x-timer
S1731501577.526257,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19724
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img03-us-east4
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000176-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
mega-menu-greens-multi-us.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/
8 KB
8 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/mega-menu-greens-multi-us.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1211862 idim=1080x1080 ifmt=jpeg ofsz=8122 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"wK4XJlVTauZoKPX7MndUcsqpTld0eM/59zEUrIbL1Gk"
x-timer
S1731501577.527458,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
8122
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
listing%20image-collagen%20ultra-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/listing%20image-collagen%20ultra-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=637698 idim=1080x1080 ifmt=png ofsz=16472 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7njnFBmymNr8aYF5J9ptVil/o/OdhGLDBTnWyYS3Uc8"
x-timer
S1731501577.527210,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
16472
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200073-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
37701VALUE-Skinny%20Hydrate-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/37701VALUE-Skinny%20Hydrate-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1487113 idim=1081x1081 ifmt=png ofsz=37334 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"DkBtoopRVLU08oyiy2mmaYd3VVJ9Fd5JBPrRqQebQQc"
x-timer
S1731501576.492257,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
37334
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img01-us-east4
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-etou8220090-FRA
x-cache-hits
7, 0
37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/
6 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=322619 idim=1081x1081 ifmt=png ofsz=26212 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"msKolWHPOL2/Z75HvTTescyJRP1cyC3ZxxC5FSC1wwk"
x-timer
S1731501577.530649,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
26212
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010217
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-etou8220090-FRA
x-cache-hits
7, 0
FIRM-0839-US-X2%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/FIRM-0839-US-X2%201.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1117129 idim=900x900 ifmt=png ofsz=4130 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7D2y4blKqR8cDJGCXoI89NoR08KZMfbOMvjSOu4yO9c"
x-timer
S1731501577.523722,VS0,VE4
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4130
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Image%201%20Listing%20Image%20US%20Body%20Trio.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/Image%201%20Listing%20Image%20US%20Body%20Trio.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=808237 idim=1080x1080 ifmt=png ofsz=17490 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"SjnVJ3V8YIHhA+l2v++3nzX7viPFww4sOHZokmcndY8"
x-timer
S1731501577.523675,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17490
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-etou8220090-FRA
x-cache-hits
11, 0
Hair%2BBody%20Set.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/Hair%2BBody%20Set.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=568327 idim=1080x1080 ifmt=png ofsz=21332 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"fK7fF/syS74m6g5iTk6X/qdOBSA3S5kMdUvxuj5j9jU"
x-timer
S1731501576.492624,VS0,VE12
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
21332
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200027-IAD, cache-fra-etou8220090-FRA
x-cache-hits
15, 0
Sugar%20Cookie%20Substance%20Images2%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/
5 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/Sugar%20Cookie%20Substance%20Images2%20%281%29.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1120696 idim=1080x1080 ifmt=png ofsz=5266 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"rkmDltiOGFHSIJTFxfan4XHHzfUeScsAe1dlOF7fNfg"
x-timer
S1731501577.527092,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
5266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100175-IAD, cache-fra-etou8220090-FRA
x-cache-hits
15, 0
Coffee%20Sampler%20Pack-listing%20images.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/Coffee%20Sampler%20Pack-listing%20images.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=740186 idim=1080x1080 ifmt=png ofsz=18654 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"9+Xf2TcNX50GDBJ+zLDH8phLGslM3vNrw5QrNaovWMU"
x-timer
S1731501577.527960,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18654
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
listing%20image-Morning%20Trio-skinnybrew-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/listing%20image-Morning%20Trio-skinnybrew-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=653820 idim=1080x1080 ifmt=png ofsz=19544 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7CcZJuH8i1mJecd6UP2IvB121kBnMbaWhhAHiPNQh5o"
x-timer
S1731501576.492960,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19544
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010216
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200029-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
TFXX-Substance%20Images4.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/
3 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/TFXX-Substance%20Images4.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=901529 idim=900x900 ifmt=png ofsz=3312 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"5caQpgzngpqM93OjhZFn0ZSVgQ0yNXObj0AtYo4VQEI"
x-timer
S1731501577.530724,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3312
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100086-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
38601VALUE-Skinny-Proffee-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/38601VALUE-Skinny-Proffee-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1218856 idim=1081x1081 ifmt=png ofsz=33006 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"P1Y6L59K9KUbV6u0qZ4SFqEipFZdil9aWzalvopMcnc"
x-timer
S1731501577.529089,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
33006
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000159-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=271713 idim=1081x1081 ifmt=png ofsz=17076 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"2M8fg1vVPJZcWzDOO46NvovEx/W9MENMLcBuub9vLgc"
x-timer
S1731501577.524100,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17076
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010212
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000056-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
9 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=500&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=29346 odim=500x400 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"iVlSEg5aLoFtfkXj6WiTTO1Q+Z/AcRoG/fyyIq7o3No"
x-timer
S1731501577.526698,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
29346
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220090-FRA
x-cache-hits
2, 1
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
13 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=500&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=27266 odim=500x402 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"aAtz7OaTUelXDUp5O/nrC2pEQmyMyy/suDP8+76GwEw"
x-timer
S1731501576.491783,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220090-FRA
x-cache-hits
2, 1
Events%20US%20Leadership%20Summit.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/32be78f8-eaa2-4583-8210-672da0241750/
6 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/32be78f8-eaa2-4583-8210-672da0241750/Events%20US%20Leadership%20Summit.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=22400 idim=1000x800 ifmt=png ofsz=5848 odim=450x360 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"TULZCKy2tRVpLFyX2Cw76nTysx6cQ2oL8JKDpN2cmTc"
x-timer
S1731501577.523561,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
5848
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010212
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 1
Gear%20Store%20Nav%20Image%20%281%29%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/
12 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/Gear%20Store%20Nav%20Image%20%281%29%201.jpg?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=660077 idim=1286x965 ifmt=jpeg ofsz=15280 odim=450x338 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"UOR8koITO1B4VhUIyp9OfNX+gvzgtF29nMgpONeGcAM"
x-timer
S1731501577.523516,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
15280
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010231
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
us.svg
bmoochler.itworks.com/portal/
4 KB
1 KB
Image
General
Full URL
https://bmoochler.itworks.com/portal/us.svg
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"116d-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:35 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed34d0ee22bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
Inter-roman.var.woff2
bmoochler.itworks.com/portal/
222 KB
222 KB
Font
General
Full URL
https://bmoochler.itworks.com/portal/Inter-roman.var.woff2?v=3.19
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

cf-cache-status
MISS
etag
W/"3776c-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:35 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
content-type
font/woff2
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed34d9f3d2bb5-FRA
accept-ranges
bytes
access-control-allow-origin
https://bmoochler.itworks.com
content-length
227180
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
MaterialSymbolsOutlined.woff2
bmoochler.itworks.com/assets/material-design-icons/
0
0

log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34e1f932bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34e2f992bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34e2f9a2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
details
services.itworks.com/customer/v1/profiles/bmoochler/
0
0
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/bmoochler/details
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
8d20cc23f0c7f643abe7b4f8cc2e8d2f
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 12:40:05 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
messageid
57e53817-7a8b-4226-b9b1-0ac165e96bee
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34bdfe9d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
products
services.itworks.com/product/v1/categories/best-sellers/
12 KB
2 KB
XHR
General
Full URL
https://services.itworks.com/product/v1/categories/best-sellers/products?country=US&language=en&customerType=LC&orderType=Shopping
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://bmoochler.itworks.com/

Response headers

correlationid
3cb077c5b8355ee55b6ae0ccf77b28ca
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
ab34d5ff-cad5-4ae1-915d-5c0b825d77e4
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, s-maxage=300, max-age=30, stale-while-revalidate=15
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34e7eb0d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
E-v1.js
fast.wistia.com/assets/external/
0
0

log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34ee83f2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f186f2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
1 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-bma1663-BMA, cache-bma1630-BMA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729834556.224447,VS0,VE442
referrer-policy
no-referrer
cf-ray
8e1ed34f5f33364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
54 KB
14 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
38
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230083-FRA, cache-fra-eddf8230027-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437172.070280,VS0,VE407
referrer-policy
no-referrer
cf-ray
8e1ed34f5f2b364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13912
server
cloudflare
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68b92bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68bb2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68bc2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68bd2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68be2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34f68bf2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
7 KB
3 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
6
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220100-FRA, cache-fra-eddf8230142-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729572429.523955,VS0,VE116
referrer-policy
no-referrer
cf-ray
8e1ed34fdfac364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2196
server
cloudflare
untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
7 KB
3 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
6
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230115-FRA, cache-fra-eddf8230028-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731463847.135152,VS0,VE393
referrer-policy
no-referrer
cf-ray
8e1ed34fefba364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2216
server
cloudflare
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34fc91a2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed34fd91d2bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
untitled_content_item_5f98934
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5f98934?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230056-FRA, cache-fra-eddf8230141-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729642738.233014,VS0,VE373
referrer-policy
no-referrer
cf-ray
8e1ed3500fdf364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
913
server
cloudflare
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-bma1622-BMA, cache-bma1620-BMA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731156022.587466,VS0,VE453
referrer-policy
no-referrer
cf-ray
8e1ed3500fe1364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
976
server
cloudflare
untitled_content_item_5a6a6b3
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5a6a6b3?depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230120-FRA, cache-fra-eddf8230073-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729607857.935526,VS0,VE385
referrer-policy
no-referrer
cf-ray
8e1ed3500fdd364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
Weight%20Control%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/
0
0

Featured%20Category-Gut%20Health-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/
0
0

Active%20Lifestyle%2016.9%202%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/
0
0

Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/
0
0

Coffee%2016.9.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/
0
0

Shop%20All%2016.9%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/
0
0

Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
0
0

Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
0
0

WrapRebrand_Banner_4096x1862.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/
7 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/WrapRebrand_Banner_4096x1862.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=2513168 idim=4096x1862 ifmt=jpeg ofsz=271594 odim=4096x1862 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"VLb/VroV8MpwQI5UWQQ128aRRz7L2OqWnLXktWLQUsM"
x-timer
S1731501577.526091,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
271594
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000163-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
30-day%20drop_HomepageHeroes_US_desktop.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/
7 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/30-day%20drop_HomepageHeroes_US_desktop.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=3078224 idim=4096x1862 ifmt=jpeg ofsz=452590 odim=4096x1862 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"JF7HtIKOIFYAWX8CeanRA2/u7e3c2TmkNudq3Da9yy4"
x-timer
S1731501577.526490,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
452590
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010249
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DBDFDBC0C24953
x-timer
S1731501577.526424,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1160
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Nov 2023 21:51:52 GMT
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-etou8220090-FRA
x-cache-hits
1528, 1
lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/
0
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D007CEFB54
x-timer
S1731501577.534498,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1362
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:01:52 GMT
x-served-by
cache-iad-kcgs7200116-IAD, cache-fra-etou8220090-FRA
x-cache-hits
4, 1
handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/
0
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D08D987F23
x-timer
S1731501577.534972,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4560
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:05:37 GMT
x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-etou8220090-FRA
x-cache-hits
24, 1
diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/
0
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D064DCF562
x-timer
S1731501577.534791,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4248
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:04:29 GMT
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-etou8220090-FRA
x-cache-hits
10206, 1
PICK%20%26%20SAVE-whats%20new-US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d580ec4d-3fc7-499c-96f2-8b259a0b2ca7/
1 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d580ec4d-3fc7-499c-96f2-8b259a0b2ca7/PICK%20%26%20SAVE-whats%20new-US.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=689443 idim=1350x1080 ifmt=jpeg ofsz=66884 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"dObjdijhnaNibAC5SOKgr99E69+R0sGHBfUq/mYwp58"
x-timer
S1731501577.531080,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
66884
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010226
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200146-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Whats%20New-Keto%20Coffee%20Sugar%20Cookie-US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0b75adb0-3017-40e2-9cb2-8028fd519802/
1 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0b75adb0-3017-40e2-9cb2-8028fd519802/Whats%20New-Keto%20Coffee%20Sugar%20Cookie-US.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=631207 idim=1350x1080 ifmt=jpeg ofsz=56480 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"bKN7OWqsOKX8RgsQSSmz6kHxvwFpPNhDKsqEPdJBX3M"
x-timer
S1731501577.534615,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
56480
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200164-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Whats%20New-Multi%20Greens-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/
0
0

loader.svg
bmoochler.itworks.com/portal/
829 B
783 B
Image
General
Full URL
https://bmoochler.itworks.com/portal/loader.svg
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://bmoochler.itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"33d-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:36 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed34ff9352bb5-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
fa-regular-400.woff2
bmoochler.itworks.com/portal/
0
0

fa-solid-900.woff2
bmoochler.itworks.com/portal/
0
0

MaterialSymbolsOutlined.woff2
bmoochler.itworks.com/assets/material-design-icons/
0
0

pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://bmoochler.itworks.com
Referer
https://bmoochler.itworks.com/

Response headers

age
882
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 12:24:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:24:53 GMT
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
log
bmoochler.itworks.com/api/
0
157 B
XHR
General
Full URL
https://bmoochler.itworks.com/api/log
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed350a9a52bb5-FRA
access-control-allow-origin
https://bmoochler.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:35 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
Primary Request /
itworks.com/
20 KB
5 KB
Document
General
Full URL
https://itworks.com/
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/main.92d072141887f25d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b0e40ef9faf5b8b16f241b9f41045d176b32e3979b7850d07f28e166cb8ef7f3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://bmoochler.itworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8e1ed3551841d22f-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Wed, 13 Nov 2024 12:39:36 GMT
last-modified
Tue, 12 Nov 2024 20:16:09 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Wed, 13 Nov 2024 12:39:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
b5b84745
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/b5b84745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://bmoochler.itworks.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 13 Nov 2024 12:39:36 GMT
via
1.1 google
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34f2efa364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34f2efe364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34faf81364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34faf86364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
untitled_content_item_5f98934
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5f98934?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34fdfa6364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34fdfa8364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
untitled_content_item_5a6a6b3
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5a6a6b3?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed34fdfa9364d-FRA
date
Wed, 13 Nov 2024 12:39:35 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
log
bmoochler.itworks.com/api/
0
0

log
bmoochler.itworks.com/api/
0
0

items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
34 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Requested by
Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://bmoochler.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:36 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
x-request-charge
51
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230117-FRA, cache-fra-eddf8230118-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:36 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437172.285920,VS0,VE107
referrer-policy
no-referrer
cf-ray
8e1ed3567dfa364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11912
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://bmoochler.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed3550cc3364d-FRA
date
Wed, 13 Nov 2024 12:39:36 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
log
bmoochler.itworks.com/api/
0
0

log
bmoochler.itworks.com/api/
0
0

log
bmoochler.itworks.com/api/
0
0

log
bmoochler.itworks.com/api/
0
0

log
bmoochler.itworks.com/api/
0
0

collect
region1.analytics.google.com/g/
0
0

rum
bmoochler.itworks.com/cdn-cgi/
0
0

fa-solid-900.ttf
bmoochler.itworks.com/portal/
0
0

fa-regular-400.ttf
bmoochler.itworks.com/portal/
0
0

jquery-2.2.4.min.js
code.jquery.com/
84 KB
0
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e4a"
age
1492234
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:23 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
1, 152418
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21935-LGA, cache-fra-eddf8230157-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1731501564.600524,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29811
server
nginx
js
maps.googleapis.com/maps/api/
239 KB
21 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
b3a37accd72a5b61cd9c09efe0866713ac332ac9d703948c835ab4a2ab920530
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
d660d06a
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
82068
date
Wed, 13 Nov 2024 12:39:37 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
311 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
58e865290669671cf05e81228171fd65e9b2358b6315371b929c8af58c768654
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Wed, 13 Nov 2024 12:39:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:25 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 13 Nov 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
96770
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
age
755
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 14:26:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:26:50 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
runtime.9bc0ca4a1421af2a.js
itworks.com/portal/
3 KB
2 KB
Script
General
Full URL
https://itworks.com/portal/runtime.9bc0ca4a1421af2a.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ca740ddb39784283b5896d018acd661341698bb5c5b7dcdeaa942d23e8571e8c
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"dd9-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed358e96ad22f-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
polyfills.4eabdd1b793ab22a.js
itworks.com/portal/
69 KB
24 KB
Script
General
Full URL
https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"11535-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed358e96dd22f-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
scripts.7f0b88fdce9e9506.js
itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://itworks.com/portal/scripts.7f0b88fdce9e9506.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1ea78-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed359ab29d22f-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
main.92d072141887f25d.js
itworks.com/portal/
3 MB
775 KB
Script
General
Full URL
https://itworks.com/portal/main.92d072141887f25d.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d7e5d88e6af96d0448e1c6e8cd2225192d23d49534a3a3f2ef3c7c158758b106
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"306a94-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:37 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed358e96fd22f-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8e1ed30b6c84dbf7-FRA
access-control-allow-origin
*
date
Wed, 13 Nov 2024 12:39:24 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
44 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Wed, 13 Nov 2024 12:39:37 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
styles.d19a8d17d4550d96.css
itworks.com/portal/
1 MB
170 KB
Stylesheet
General
Full URL
https://itworks.com/portal/styles.d19a8d17d4550d96.css
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac722ff914b53d8a19b32c6fea6a45776ea7fa518f4fca32c7011775feedab56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10eeca-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:38 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed359ab2ed22f-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

age
595161
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:20:04 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:20:04 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
js
www.googletagmanager.com/gtag/
411 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
df25caef019af70aaa3666f122de83b5b69b2f08089204ca04d61d9a85362821
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Wed, 13 Nov 2024 12:39:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
134923
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587z879783485za200zb79783485&_p=1731501577040&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=1540160463.1731501578&ecid=1128585007&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1731501577&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1818
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:37 GMT
content-type
text/plain
server
Golfe2
styles.d19a8d17d4550d96.css
itworks.com/portal/
1 MB
0
Stylesheet
General
Full URL
https://itworks.com/portal/styles.d19a8d17d4550d96.css
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac722ff914b53d8a19b32c6fea6a45776ea7fa518f4fca32c7011775feedab56
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10eeca-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:37 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:38 GMT
content-type
text/css; charset=UTF-8
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed359ab2ed22f-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
level
itworks.com/api/log/
20 B
216 B
XHR
General
Full URL
https://itworks.com/api/log/level
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

cf-cache-status
DYNAMIC
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
access-control-allow-credentials
true
cf-ray
8e1ed3656ead5d5b-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-powered-by
Express
server
cloudflare
countries
services.itworks.com/countries/v1/
3 KB
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
3623389c16268ecb1300a08afc7444a4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:33 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:33 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
996ef7e1-9413-42e0-822f-c119dc8682b7
last-modified
Wed, 13 Nov 2024 12:39:33 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed33d8fcd9b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
itworks.com/ajax/
1 KB
987 B
XHR
General
Full URL
https://itworks.com/ajax/bag
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b22f309afe7505005f0287d3f2004f9b3a3d22ab495cb1d3c55815849ba10c28
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8e1ed3658ed05d5b-FRA
expires
Tue, 12 Nov 2024 12:39:38 GMT,0
x-iwgtime
11/13/2024 6:39:39 AM
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
46 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://itworks.com/

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/json
x-served-by
cache-fra-etou8220113-FRA
x-cache-hits
17
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1731501579.149317,VS0,VE0
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
44 KB
61 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
72c93bd5f9f4d0f826db9176bf79f8465ee1639745521aa586541751bd2c39ec

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://itworks.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"523dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
HIT
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/json
x-served-by
cache-fra-etou8220113-FRA
x-cache-hits
0
vary
Authorization, Accept-Encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
retry-after
0
x-timer
S1731501579.149475,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6045
server
Varnish
main.js
itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/ Frame 0CC8
Redirect Chain
  • https://itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
8 KB
4 KB
Script
General
Full URL
https://itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
Protocol
H3
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
add67e0539a007ca55f1606b515021dd6b110e3b5166cb1f83659be0819f9456
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8e1ed3667f845d5b-FRA
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/22755d9a86c9/main.js?
cf-ray
8e1ed365beec5d5b-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:39 GMT
vary
Accept-Encoding
server
cloudflare
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 13 Nov 2024 12:39:39 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-fra-etou8220113-FRA
x-timer
S1731501579.138607,VS0,VE0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Wed, 13 Nov 2024 12:39:39 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-etou8220113-FRA
x-timer
S1731501579.138792,VS0,VE0
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587za200zb79783485&_p=1731501577040&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=1540160463.1731501578&ecid=1128585007&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=2&sid=1731501577&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=22&tfd=3477
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587za200zb79783485&_p=1731501577040&gcs=G111&gcu=1&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554~102077855&gcut=3&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=3&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=1540160463.1731501578&ep.ga_temp_ecid=1128585007&_et=1600&tfd=3477
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
63 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=22383634.1731501571&gtm=45je4b70v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101823848~101925629~102067554~102077855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4b70v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
text/plain
server
Golfe2
rum
itworks.com/cdn-cgi/
0
138 B
XHR
General
Full URL
https://itworks.com/cdn-cgi/rum?
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type
application/json
Referer
https://itworks.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8e1ed3669f985d5b-FRA
access-control-allow-origin
https://itworks.com
date
Wed, 13 Nov 2024 12:39:39 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Wed, 13 Nov 2024 12:39:39 GMT
strict-transport-security
max-age=31536000; includeSubDomains
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed366dfd15d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:39 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
44 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
0
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

Cache-Control
public, max-age=14400
Content-Encoding
gzip
CF-Cache-Status
HIT
etag
W/"28dcb8f1704cd91:0"
Age
4943
CF-RAY
8e1ed33f0bd0dc8e-FRA
Expires
Wed, 13 Nov 2024 16:39:32 GMT
access-control-allow-origin
*
Date
Wed, 13 Nov 2024 12:39:32 GMT
Content-Type
image/svg+xml
last-modified
Wed, 01 Mar 2023 19:06:35 GMT
Vary
Accept-Encoding
Server
cloudflare
access-control-allow-headers
Content-Type,Authorization
8e1ed3551841d22f
itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 0CC8
0
665 B
XHR
General
Full URL
https://itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/8e1ed3551841d22f
Requested by
Host: itworks.com
URL: https://itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8e1ed36788665d5b-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:39 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
US
services.itworks.com/countries/v1/countrysettings/
709 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
96b5f3e5e88e6fbdff7027beb4b609e4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:34 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
623b848a-2ccd-4473-8ed6-c4765d1b01a4
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed3448bd29b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
US
services.itworks.com/countries/v1/countrysettings/
709 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
96b5f3e5e88e6fbdff7027beb4b609e4
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:34 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
623b848a-2ccd-4473-8ed6-c4765d1b01a4
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed3448bd29b69-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
26 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d88b75fc8e1926273a00509c072bc40072cf9482950db4fb0f6c10e4b2527fac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
46
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230093-FRA, cache-fra-eddf8230058-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730621576.537096,VS0,VE396
referrer-policy
no-referrer
cf-ray
8e1ed3472e3d364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6096
server
cloudflare
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed369d9d9364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a4a36364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a4a37364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a4a39364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
28 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c1dd8c727d9e4a5785f82ae48888b3077bd31df51052fe983e510d6d4a82c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
54
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220102-FRA, cache-fra-eddf8230133-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730606272.875628,VS0,VE380
referrer-policy
no-referrer
cf-ray
8e1ed3489fa6364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6211
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
71 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686472c4e28141b1b8b4433c5b529cb74fc99219396897f6daafed92b4b50378
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
45
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230047-FRA, cache-fra-eddf8230071-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437169.117125,VS0,VE415
referrer-policy
no-referrer
cf-ray
8e1ed3489fb2364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12324
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
4 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230041-FRA, cache-fra-eddf8230138-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437437.867557,VS0,VE385
referrer-policy
no-referrer
cf-ray
8e1ed3489fb0364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1588
server
cloudflare
lo.js
d20519brkbo4nz.cloudfront.net/core/
13 KB
0
Script
General
Full URL
https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by
Host: itworks.com
URL: https://itworks.com/portal/main.92d072141887f25d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:2600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
etag
"2e76f2975071a8eb95d665a06b06cae4"
age
2946
x-cache
Hit from cloudfront
x-amz-cf-id
mrjYGaNohwRtvJyCYtGqXmUy96OmKL-AFDH7UJoNF4XYxijq9cqUeQ==
date
Wed, 13 Nov 2024 11:50:29 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Wed, 06 Nov 2024 20:50:22 GMT
cache-control
max-age=3600
via
1.1 7ed7afde326861e358c3c83359e99894.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4678
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
b5b84745
settings.luckyorange.com/
149 B
165 B
Fetch
General
Full URL
https://settings.luckyorange.com/b5b84745
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a

Request headers

x-lucky-uid
undefined
Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
x-lucky-referrer
https://bmoochler.itworks.com/

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
b5b84745
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/b5b84745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://itworks.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 13 Nov 2024 12:39:39 GMT
via
1.1 google
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
165 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c3ca31f19f14a1857ba2971f3b8d91f3fcfb09a1af20b6f6f28a7c0040fff31
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
125
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230083-FRA, cache-fra-eddf8230100-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731473694.124149,VS0,VE458
referrer-policy
no-referrer
cf-ray
8e1ed349e8f3364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
31240
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
429 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0c6a2458f5b6f9523e63a484964ea8e626a1a1583d71b7b6af7d766087cbc6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
337
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230035-FRA, cache-fra-eddf8230122-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731463838.265687,VS0,VE494
referrer-policy
no-referrer
cf-ray
8e1ed349e8f1364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
112752
server
cloudflare
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
66 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d5d83378e4f715a5a194afb2de4799954b0e0225164fa6144c5f1302a26595
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:34 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:34 GMT
x-request-charge
42
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220136-FRA, cache-fra-eddf8230113-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:34 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1730466506.360495,VS0,VE389
referrer-policy
no-referrer
cf-ray
8e1ed349e8f0364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10580
server
cloudflare
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a9a6b364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a9a6c364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36a9a6e364d-FRA
date
Wed, 13 Nov 2024 12:39:39 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
ico-close-small-white.svg
itworks.com/portal/
383 B
619 B
Image
General
Full URL
https://itworks.com/portal/ico-close-small-white.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"17f-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36aab675d5b-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

age
592984
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 06 Nov 2025 15:56:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 06 Nov 2024 15:56:30 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36b7c165d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36b7c1b5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36b7c1d5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
products
services.itworks.com/product/v1/categories/best-sellers/
12 KB
0
XHR
General
Full URL
https://services.itworks.com/product/v1/categories/best-sellers/products?country=US&language=en&customerType=LC&orderType=Shopping
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9d671ca07085015d0aa4382112952ba9c026209a406752223df07d8a8d3317

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
3cb077c5b8355ee55b6ae0ccf77b28ca
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
ab34d5ff-cad5-4ae1-915d-5c0b825d77e4
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, s-maxage=300, max-age=30, stale-while-revalidate=15
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34e7eb0d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
E-v1.js
fast.wistia.com/assets/external/
838 KB
143 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: itworks.com
URL: https://itworks.com/portal/main.92d072141887f25d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6e365794e0b9a73d5f819bab2639d04a1105c7bb46253b5ecf58c59c44c7218
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
etag
"ebc90a9e1dc1e82ea243a7dfa6ad02d8"
age
1866
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:40 GMT
last-modified
Tue, 12 Nov 2024 21:07:39 GMT
x-served-by
cache-iad-kjyo7100060-IAD, cache-fra-etou8220075-FRA
x-cache-hits
49, 174
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501580.115533,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
145943
asset-version
87903ca71b6a589a509dcc183d4cd4e40a87af13
server
AmazonS3
x-amz-server-side-encryption
AES256
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bcc555d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bcc565d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
1 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-bma1663-BMA, cache-bma1630-BMA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729834556.224447,VS0,VE442
referrer-policy
no-referrer
cf-ray
8e1ed34f5f33364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
54 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
439cc02f0bb8f9133d4e9c3de9bffefb199addb5f7de7ce2505b108f8a7b43f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
38
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230083-FRA, cache-fra-eddf8230027-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437172.070280,VS0,VE407
referrer-policy
no-referrer
cf-ray
8e1ed34f5f2b364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13912
server
cloudflare
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc645d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc665d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc685d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc6a5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc6b5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bdc6e5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
7 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27e64a1e174f92e134e5e7162b29e26baf226b45886e8d35a2853de6fd86d2e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
6
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220100-FRA, cache-fra-eddf8230142-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729572429.523955,VS0,VE116
referrer-policy
no-referrer
cf-ray
8e1ed34fdfac364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2196
server
cloudflare
untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
7 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308b54d5321d2dbbced80ad61774106e89cea8de42a6ac8b478a7a40b2a9118f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
6
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230115-FRA, cache-fra-eddf8230028-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731463847.135152,VS0,VE393
referrer-policy
no-referrer
cf-ray
8e1ed34fefba364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2216
server
cloudflare
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bfc8b5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36bfc925d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
untitled_content_item_5f98934
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5f98934?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b06a3195aa92103d0e9accaf216c8200e6554d0d63e45cbb8efdf577b2cd0da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230056-FRA, cache-fra-eddf8230141-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729642738.233014,VS0,VE373
referrer-policy
no-referrer
cf-ray
8e1ed3500fdf364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
913
server
cloudflare
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f3fa7f0fd796bf675f2e7f0aac695f4be1ca0282540a2ccce59fab4da15fce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-bma1622-BMA, cache-bma1620-BMA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731156022.587466,VS0,VE453
referrer-policy
no-referrer
cf-ray
8e1ed3500fe1364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
976
server
cloudflare
untitled_content_item_5a6a6b3
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
0
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5a6a6b3?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81bc50cb826351b6ec46e7b48f1e2cbc3c0973a7153fc9ef449ba339b8fcfd3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:35 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230120-FRA, cache-fra-eddf8230073-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
x-frame-options
DENY
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1729607857.935526,VS0,VE385
referrer-policy
no-referrer
cf-ray
8e1ed3500fdd364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
910
server
cloudflare
Weight%20Control%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/
25 KB
25 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/Weight%20Control%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=5724952 idim=4096x2304 ifmt=jpeg ofsz=25744 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"6139G8ADMhfDfdAHKpSkTmBTibpZznub5xJFiVn5ICo"
x-timer
S1731501580.173000,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
25744
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220090-FRA
x-cache-hits
32, 1
Featured%20Category-Gut%20Health-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/
42 KB
42 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/Featured%20Category-Gut%20Health-US.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fac3e4ab6275edf62271210d3ac8e2b77c182d5d17e0dcd59d89bc5fdbb6d4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1321264 idim=1920x1080 ifmt=png ofsz=43016 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KrWkiSW4s2ih5kh66zalOy9cfo/LbL4JMfjeDVOwkQk"
x-timer
S1731501580.172992,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
43016
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000052-IAD, cache-fra-etou8220090-FRA
x-cache-hits
28, 1
Active%20Lifestyle%2016.9%202%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/
39 KB
39 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/Active%20Lifestyle%2016.9%202%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=8855564 idim=6953x3911 ifmt=png ofsz=39654 odim=1080x607 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"+cGZuomO2WrYecWhYE03PLPHVNMrGiPaUc9cfjGE+s0"
x-timer
S1731501580.173206,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
39654
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010248
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100117-IAD, cache-fra-etou8220090-FRA
x-cache-hits
31, 1
Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/
19 KB
20 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=259808 idim=992x559 ifmt=png ofsz=19816 odim=992x559 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"G+ugCUaixmYEFWvoSCN7vn0Tvc3/imD3E1yoYshZUqs"
x-timer
S1731501580.173185,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19816
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200096-IAD, cache-fra-etou8220090-FRA
x-cache-hits
33, 1
Coffee%2016.9.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/
34 KB
35 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/Coffee%2016.9.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa20aa7e572a72d4b449019d735d93c957572bbf8ddef591336533a76264b7e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1993878 idim=3006x1691 ifmt=png ofsz=35274 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"gzzlCjHW+VBws/UZREJWHSe6vZRNiPtgLsl1FvQgmTM"
x-timer
S1731501580.173547,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
35274
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010215
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000033-IAD, cache-fra-etou8220090-FRA
x-cache-hits
6, 1
Shop%20All%2016.9%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/
29 KB
29 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/Shop%20All%2016.9%201.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f239ebcaeae914c4ad3dbab07ec5d473da0938162ed714b06aee76fac77c1932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=948574 idim=1920x1080 ifmt=jpeg ofsz=29516 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KhLwwzTjllCAKZLitiVnWPGO5y4lnF3dQ4vP0d3xJH4"
x-timer
S1731501580.173491,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
29516
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010210
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-etou8220090-FRA
x-cache-hits
6, 1
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
87 KB
87 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-timer
S1731501580.174914,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
89072
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220090-FRA
x-cache-hits
27, 2
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
76 KB
76 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-timer
S1731501580.175694,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
77820
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220090-FRA
x-cache-hits
7, 2
WrapRebrand_Banner_4096x1862.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/
265 KB
257 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/WrapRebrand_Banner_4096x1862.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfcd1974fa5bc2dbdbbb2f3a5dfabcaf673f49c10e94c2c7d54682a586f627ee

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=2513168 idim=4096x1862 ifmt=jpeg ofsz=271594 odim=4096x1862 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.179377,VS0,VE1
etag
"VLb/VroV8MpwQI5UWQQ128aRRz7L2OqWnLXktWLQUsM"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
271594
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000163-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
30-day%20drop_HomepageHeroes_US_desktop.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/
442 KB
434 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/30-day%20drop_HomepageHeroes_US_desktop.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cdc384134e9036185e0d17b8d554008fe98e2f92460b590600e20e3fe1b7ffe3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=3078224 idim=4096x1862 ifmt=jpeg ofsz=452590 odim=4096x1862 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.179365,VS0,VE1
etag
"JF7HtIKOIFYAWX8CeanRA2/u7e3c2TmkNudq3Da9yy4"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
452590
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010249
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/
1 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DBDFDBC0C24953
x-timer
S1731501577.526424,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1160
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Nov 2023 21:51:52 GMT
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-etou8220090-FRA
x-cache-hits
1528, 1
lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/
1 KB
2 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D007CEFB54
x-timer
S1731501580.176133,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1362
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:01:52 GMT
x-served-by
cache-iad-kcgs7200116-IAD, cache-fra-etou8220090-FRA
x-cache-hits
4, 2
handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/
4 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D08D987F23
x-timer
S1731501580.175853,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4560
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:05:37 GMT
x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-etou8220090-FRA
x-cache-hits
24, 2
diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D064DCF562
x-timer
S1731501580.179936,VS0,VE0
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4248
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:04:29 GMT
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-etou8220090-FRA
x-cache-hits
10206, 2
PICK%20%26%20SAVE-whats%20new-US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d580ec4d-3fc7-499c-96f2-8b259a0b2ca7/
65 KB
63 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d580ec4d-3fc7-499c-96f2-8b259a0b2ca7/PICK%20%26%20SAVE-whats%20new-US.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7dd4b64b26d354cd9e200c215296db4568f6c4d7577582eb86877a755a6c6113

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=689443 idim=1350x1080 ifmt=jpeg ofsz=66884 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.179338,VS0,VE2
etag
"dObjdijhnaNibAC5SOKgr99E69+R0sGHBfUq/mYwp58"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
66884
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010226
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200146-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Whats%20New-Keto%20Coffee%20Sugar%20Cookie-US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0b75adb0-3017-40e2-9cb2-8028fd519802/
55 KB
53 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0b75adb0-3017-40e2-9cb2-8028fd519802/Whats%20New-Keto%20Coffee%20Sugar%20Cookie-US.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a908cb8fecee23f2a6fbe8e7b6dd858935856fc5e687cc93fadaebd61f516158

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=631207 idim=1350x1080 ifmt=jpeg ofsz=56480 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.179346,VS0,VE4
etag
"bKN7OWqsOKX8RgsQSSmz6kHxvwFpPNhDKsqEPdJBX3M"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
56480
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200164-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Whats%20New-Multi%20Greens-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/
68 KB
69 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/Whats%20New-Multi%20Greens-US.png?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f2f085d6d4206fb177837d778a83ac52e9c6b0554e8bca9456e30390841b8ac7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1230685 idim=1350x1080 ifmt=png ofsz=70092 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"YcziDKZh6dy9yCN8GctHOysjk2H6XK5M9jzLWEaHut8"
x-timer
S1731501580.179890,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
70092
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000069-IAD, cache-fra-etou8220090-FRA
x-cache-hits
25, 1
loader.svg
itworks.com/portal/
829 B
782 B
Image
General
Full URL
https://itworks.com/portal/loader.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"33d-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36c1cd55d5b-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

age
133353
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 11 Nov 2025 23:37:02 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 11 Nov 2024 23:37:02 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
fa-regular-400.woff2
itworks.com/portal/
414 KB
414 KB
Font
General
Full URL
https://itworks.com/portal/fa-regular-400.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
846e68e676eeb237d148fb7f15d01fbc938b388b1a903d521ac6b4632ab3db1a
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

cf-cache-status
MISS
etag
W/"6781c-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
font/woff2
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36c4d0b5d5b-FRA
accept-ranges
bytes
access-control-allow-origin
https://itworks.com
content-length
423964
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
fa-solid-900.woff2
itworks.com/portal/
344 KB
345 KB
Font
General
Full URL
https://itworks.com/portal/fa-solid-900.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c05768a13d9e0df4cfeb255d668359ab62b170b28a3513f9e94710f826013df4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

cf-cache-status
MISS
etag
W/"561f0-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
font/woff2
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36c4d145d5b-FRA
accept-ranges
bytes
access-control-allow-origin
https://itworks.com
content-length
352752
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
MaterialSymbolsOutlined.woff2
itworks.com/assets/material-design-icons/
3 MB
3 MB
Font
General
Full URL
https://itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

cf-cache-status
MISS
etag
W/"2e93fc-1932204e758"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
font/woff2
last-modified
Tue, 12 Nov 2024 20:16:07 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36c4d165d5b-FRA
accept-ranges
bytes
access-control-allow-origin
https://itworks.com
content-length
3052540
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f3.1e100.net
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

age
882
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 12:24:53 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:24:53 GMT
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7840
x-xss-protection
0
server
sffe
icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/
3 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC1030F36A
x-timer
S1731501576.491388,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2930
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:17 GMT
x-served-by
cache-iad-kjyo7100104-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/
462 B
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC2354D19C
x-timer
S1731501576.491793,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
462
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:49 GMT
x-served-by
cache-iad-kcgs7200171-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/
785 B
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC53EA59EEDAB8
x-timer
S1731501576.491771,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
785
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Apr 2024 14:28:37 GMT
x-served-by
cache-iad-kjyo7100051-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 0
icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/
1 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg?w=32&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC4AD3F6A5
x-timer
S1731501576.492119,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1193
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:15:55 GMT
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-etou8220090-FRA
x-cache-hits
21, 1
bag
itworks.com/ajax/
1 KB
987 B
XHR
General
Full URL
https://itworks.com/ajax/bag
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
142a567b270348558b6ec1aa6eeed240b1a57638020531319d2314944f93e848
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8e1ed36cdd8d5d5b-FRA
expires
Tue, 12 Nov 2024 12:39:40 GMT,0
x-iwgtime
11/13/2024 6:39:40 AM
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
countrysettings
services.itworks.com/countries/v1/
11 KB
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0601a7c89c3edc93dd6ffc8deaf915219c3f9ccbf269e49eec393bbe9f8f9f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
6dd7c8babc09999a812d10b9803d2445
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Wed, 13 Nov 2024 16:39:35 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:35 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
ccda9b2a-4a92-4ae3-9dae-7583922a84db
last-modified
Wed, 13 Nov 2024 12:39:35 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8e1ed34c28c4d399-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ced9b5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ced9d5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ceda05d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ceda15d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ceda65d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36ceda85d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cedaa5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cedae5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cedaf5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cedb05d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdb45d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdb85d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdb95d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdba5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdbc5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdbd5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdbf5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36cfdc05d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36d0dc65d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36d0dca5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36d0dcb5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
It%20Works%21%20Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/
6 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/It%20Works%21%20Logo.svg?h=25&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
541d5c9825bd44636e773090fc882bb69d8d978c99b5e1ddf62f30538774755a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DCE13612E784DA
x-timer
S1731501577.530270,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
6005
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/svg+xml
last-modified
Mon, 30 Sep 2024 09:55:54 GMT
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-etou8220090-FRA
x-cache-hits
9, 1
Daily_Routine_WEB_2000x2000.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/
4 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/Daily_Routine_WEB_2000x2000.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a12d20090da3b4b1b0eb020379148e317323e1fea3087723d4186c54d22e5946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=767146 idim=2000x2000 ifmt=jpeg ofsz=3610 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"EHFptWvevg/7gDBdULgzNx8gcObg45WaVVgAuIhnVGs"
x-timer
S1731501576.492481,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3610
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200105-IAD, cache-fra-etou8220090-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/
18 KB
8 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/Listing%20Image-Slimming%20Trio%20Essentials%20System.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d34d2bfeea83103cd26afcf72edefdd91bd710234af44374edc3506b148ae40c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=491364 idim=1080x1080 ifmt=png ofsz=18276 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430617,VS0,VE1
etag
"hNyQARwXrw5DMuNnmhYuMkQASzKZSGoBhbXpKfbiG4o"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18276
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220090-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/
17 KB
9 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5aead7887510db7045f3374e5c70a88f9ebf8eeca74235435ec0cb2fdb1c2f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=422817 idim=1080x1080 ifmt=png ofsz=17420 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430265,VS0,VE1
etag
"94H+b0/xmLnGmRTrA+lBiGvs6oSjgq8dxy1xChr8ZgM"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17420
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img07-us-east4
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200085-IAD, cache-fra-etou8220090-FRA
x-cache-hits
40, 0
SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/
18 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
371734ccf792a68daff9693f3f46354567058c36ff02354a849237a43c1187b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=748668 idim=1080x1080 ifmt=png ofsz=18850 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430257,VS0,VE1
etag
"zJq4RwfoZcWNVb6smCq/S2UDlO2pZ/0GZiYAU9G2iww"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18850
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100126-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
FLAT_FLAT1027_US_900px.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/
4 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/FLAT_FLAT1027_US_900px.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
027d5dde165217da2bb31aa5878ebc0b962d49096b31ab956f4c3d0af2a0dd98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=116993 idim=900x900 ifmt=jpeg ofsz=4402 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"Ordn/fJPemS2uS8kjEL2JhxdEkPkSpwZqU3bPW2hI1E"
x-timer
S1731501577.524121,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4402
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200138-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/
20 KB
12 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92dbd1300eef39f0b27ca0e2a01087a64e3d84384a9196425fce5713cea7921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=735680 idim=1080x1080 ifmt=png ofsz=20632 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.431424,VS0,VE2
etag
"05yNz5HgXL6bOgCv6BhV1uWL3NyHiHD1zEhqMa5X2Y8"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
20632
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200054-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/
18 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b9a8a9616e00c029d5725cc5dd0c49d15497f03efd13e7489864d61a85ac2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=647231 idim=1080x1080 ifmt=png ofsz=18164 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430818,VS0,VE1
etag
"wCjiigwKIFqu44d4wZ6lvkkYe5lke/ihqT94TKaMDq4"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18164
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
listing%20image-Morning%20Trio-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/
19 KB
10 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/listing%20image-Morning%20Trio-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5520e06b9dfd27b6470edd04bf2c378852a9954e2b3bd7ce0368675946a7c82e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=588781 idim=1080x1080 ifmt=png ofsz=19724 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430640,VS0,VE2
etag
"T3DiB0ISd+pu96omkJkY0sM9wqPoVYR7qUoPtbLTyIc"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19724
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img03-us-east4
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000176-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
mega-menu-greens-multi-us.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/
8 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/mega-menu-greens-multi-us.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfd4a1547459f6dc1c2990a4ca2b5414ca38bd4404f2c1da8558031c237ba156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1211862 idim=1080x1080 ifmt=jpeg ofsz=8122 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"wK4XJlVTauZoKPX7MndUcsqpTld0eM/59zEUrIbL1Gk"
x-timer
S1731501577.527458,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
8122
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
listing%20image-collagen%20ultra-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/
16 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/listing%20image-collagen%20ultra-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
893943a40dc646ad4f2582ed5012a0dbc63be6f2f2ad6986ad3693690cd20992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=637698 idim=1080x1080 ifmt=png ofsz=16472 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430276,VS0,VE2
etag
"7njnFBmymNr8aYF5J9ptVil/o/OdhGLDBTnWyYS3Uc8"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
16472
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200073-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
37701VALUE-Skinny%20Hydrate-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/
36 KB
24 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/37701VALUE-Skinny%20Hydrate-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6093b16472adce538b1ed39291e9fa93f528611e14e4ce17540548376b8a3c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1487113 idim=1081x1081 ifmt=png ofsz=37334 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.429918,VS0,VE1
etag
"DkBtoopRVLU08oyiy2mmaYd3VVJ9Fd5JBPrRqQebQQc"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
37334
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img01-us-east4
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-etou8220090-FRA
x-cache-hits
7, 0
37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/
26 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae355ec264fc32deecb1bc5ab9863d755b9a4dbdd71cd687aedcfc130f067291

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=322619 idim=1081x1081 ifmt=png ofsz=26212 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430408,VS0,VE1
etag
"msKolWHPOL2/Z75HvTTescyJRP1cyC3ZxxC5FSC1wwk"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
26212
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010217
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-etou8220090-FRA
x-cache-hits
7, 0
FIRM-0839-US-X2%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/
4 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/FIRM-0839-US-X2%201.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16947687beb9dc990fd780f4144efdb292d9474c1f74497aa9a917f03d93f026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1117129 idim=900x900 ifmt=png ofsz=4130 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7D2y4blKqR8cDJGCXoI89NoR08KZMfbOMvjSOu4yO9c"
x-timer
S1731501577.523722,VS0,VE4
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4130
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
Image%201%20Listing%20Image%20US%20Body%20Trio.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/
17 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/Image%201%20Listing%20Image%20US%20Body%20Trio.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f85430cdc730c3f6138eaa1d8491508bdaac5417f50a9155a30da65f2bf71603

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=808237 idim=1080x1080 ifmt=png ofsz=17490 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.430659,VS0,VE1
etag
"SjnVJ3V8YIHhA+l2v++3nzX7viPFww4sOHZokmcndY8"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17490
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-etou8220090-FRA
x-cache-hits
11, 0
Hair%2BBody%20Set.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/
21 KB
8 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/Hair%2BBody%20Set.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bca1585cfca8f2b441e7182276fb74de04791acb5d5749eaf411663ceacef5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=568327 idim=1080x1080 ifmt=png ofsz=21332 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.429885,VS0,VE1
etag
"fK7fF/syS74m6g5iTk6X/qdOBSA3S5kMdUvxuj5j9jU"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
21332
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200027-IAD, cache-fra-etou8220090-FRA
x-cache-hits
15, 0
Sugar%20Cookie%20Substance%20Images2%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/
5 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/Sugar%20Cookie%20Substance%20Images2%20%281%29.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
349070e7a44a2c6e0cb83d8553f6ff84e2ba63fc95bd4bf6a2c78e8815202c1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1120696 idim=1080x1080 ifmt=png ofsz=5266 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"rkmDltiOGFHSIJTFxfan4XHHzfUeScsAe1dlOF7fNfg"
x-timer
S1731501577.527092,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
5266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100175-IAD, cache-fra-etou8220090-FRA
x-cache-hits
15, 0
Coffee%20Sampler%20Pack-listing%20images.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/
18 KB
9 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/Coffee%20Sampler%20Pack-listing%20images.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52fbeac0ef5949dc15505d9c399e60f7e889fbee6274faa71a9a97e1481e85ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=740186 idim=1080x1080 ifmt=png ofsz=18654 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.429821,VS0,VE10
etag
"9+Xf2TcNX50GDBJ+zLDH8phLGslM3vNrw5QrNaovWMU"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18654
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
listing%20image-Morning%20Trio-skinnybrew-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/
19 KB
7 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/listing%20image-Morning%20Trio-skinnybrew-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76e7797c039a87bac86bfd1b7e242a7fe9cca40ef1e122fd577c7c5809a2a8c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=653820 idim=1080x1080 ifmt=png ofsz=19544 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.429773,VS0,VE1
etag
"7CcZJuH8i1mJecd6UP2IvB121kBnMbaWhhAHiPNQh5o"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19544
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010216
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200029-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
TFXX-Substance%20Images4.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/
3 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/TFXX-Substance%20Images4.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69e067e12d35f19d81236ce13b12dc0212198ec308c943cbfa965917770785d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=901529 idim=900x900 ifmt=png ofsz=3312 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"5caQpgzngpqM93OjhZFn0ZSVgQ0yNXObj0AtYo4VQEI"
x-timer
S1731501577.530724,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3312
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100086-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
38601VALUE-Skinny-Proffee-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/
32 KB
23 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/38601VALUE-Skinny-Proffee-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13ce14e782b5d1654868ee929c6582d4e323fe777d40137f63436fd04abccdc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1218856 idim=1081x1081 ifmt=png ofsz=33006 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.438910,VS0,VE1
etag
"P1Y6L59K9KUbV6u0qZ4SFqEipFZdil9aWzalvopMcnc"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
33006
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000159-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 0
37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/
17 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d3a5c14c1aa5549f33fc18ec25f66b70ca9703a6407464d5a951d9239a17f05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=271713 idim=1081x1081 ifmt=png ofsz=17076 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.438846,VS0,VE1
etag
"2M8fg1vVPJZcWzDOO46NvovEx/W9MENMLcBuub9vLgc"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17076
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010212
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000056-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
29 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=500&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95ad3a4e268330737e27ab319b967bd876d34ff11d061b7272060e57f89c21ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=29346 odim=500x400 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.439331,VS0,VE0
etag
"iVlSEg5aLoFtfkXj6WiTTO1Q+Z/AcRoG/fyyIq7o3No"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
29346
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220090-FRA
x-cache-hits
2, 2
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
27 KB
13 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=500&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
496c6f4130c58605065dc4de7dcfc7954587927810df71251997e10dab1ca636

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=27266 odim=500x402 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.439288,VS0,VE0
etag
"aAtz7OaTUelXDUp5O/nrC2pEQmyMyy/suDP8+76GwEw"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220090-FRA
x-cache-hits
2, 2
Events%20US%20Leadership%20Summit.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/32be78f8-eaa2-4583-8210-672da0241750/
6 KB
0
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/32be78f8-eaa2-4583-8210-672da0241750/Events%20US%20Leadership%20Summit.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3f172641ebd9a59ffa17a978658424121275619c6852e8f8845f9628de49a92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=22400 idim=1000x800 ifmt=png ofsz=5848 odim=450x360 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"TULZCKy2tRVpLFyX2Cw76nTysx6cQ2oL8JKDpN2cmTc"
x-timer
S1731501577.523561,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
5848
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010212
date
Wed, 13 Nov 2024 12:39:36 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200022-IAD, cache-fra-etou8220090-FRA
x-cache-hits
14, 1
Gear%20Store%20Nav%20Image%20%281%29%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/
15 KB
2 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/Gear%20Store%20Nav%20Image%20%281%29%201.jpg?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3db141429a250044d131a10847e705de586b775973b22d29dd4c41260e27e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=660077 idim=1286x965 ifmt=jpeg ofsz=15280 odim=450x338 ofmt=webp
cache-control
public, immutable, max-age=31536000
x-timer
S1731501580.439195,VS0,VE1
etag
"UOR8koITO1B4VhUIyp9OfNX+gvzgtF29nMgpONeGcAM"
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
15280
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010231
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220090-FRA
x-cache-hits
13, 0
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bcbb1364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bcbb2364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bebd6364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bebd8364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
untitled_content_item_5f98934
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5f98934?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bfbdf364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bfbe2364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
untitled_content_item_5a6a6b3
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_5a6a6b3?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36bfbe6364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
us.svg
itworks.com/portal/
4 KB
1 KB
Image
General
Full URL
https://itworks.com/portal/us.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"116d-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
image/svg+xml
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36d8e3c5d5b-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
Inter-roman.var.woff2
itworks.com/portal/
222 KB
222 KB
Font
General
Full URL
https://itworks.com/portal/Inter-roman.var.woff2?v=3.19
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.d19a8d17d4550d96.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/portal/styles.d19a8d17d4550d96.css

Response headers

cf-cache-status
MISS
etag
W/"3776c-1932204c430"
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 16:39:40 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
content-type
font/woff2
last-modified
Tue, 12 Nov 2024 20:15:58 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8e1ed36dcea45d5b-FRA
accept-ranges
bytes
access-control-allow-origin
https://itworks.com
content-length
227180
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
56 KB
12 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54808d949ca00a62517b781baf36625cc51d434ddd3aaad5f8ba4039e6cecfb9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:40 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:40 GMT
x-request-charge
51
content-type
application/json; charset=utf-8
x-served-by
cache-hel1410027-HEL, cache-hel1410030-HEL
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:40 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437603.648053,VS0,VE481
referrer-policy
no-referrer
cf-ray
8e1ed36e9e6f364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11912
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed36dbdba364d-FRA
date
Wed, 13 Nov 2024 12:39:40 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230132-FRA
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36e7f555d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36e7f565d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36effbf5d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36effc25d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8e1ed36effc55d5b-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Wed, 13 Nov 2024 12:39:40 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e1ed3752c8d364d-FRA
date
Wed, 13 Nov 2024 12:39:41 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230032-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
3 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b1fea6406d168812ae16df6517c021cbd3296e695167e4a6445166042df3595
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
EXPIRED
x-content-type-options
nosniff
expires
Wed, 13 Nov 2024 12:44:41 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Wed, 13 Nov 2024 12:39:41 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230094-FRA, cache-fra-eddf8230100-FRA
x-cache-hits
0, 0
last-modified
Wed, 13 Nov 2024 12:39:41 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731437174.629925,VS0,VE380
referrer-policy
no-referrer
cf-ray
8e1ed3755cb3364d-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1091
server
cloudflare
36405-SKNY-Gummies-1080x1080px-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/
36 KB
36 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/36405-SKNY-Gummies-1080x1080px-US.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98a18a65d3515818352fb67eb8529f28f7c244d0e985a0b5327b00eb630a5fbb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=383385 idim=1080x1080 ifmt=png ofsz=36666 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KCye4rcIFemAeC6UoRS5frHbsz2ad4jbrT2CjzX1lY8"
x-timer
S1731501582.662160,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
36666
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200072-IAD, cache-fra-etou8220025-FRA
x-cache-hits
28, 0
BRN%2B_1080x1080_listing%20image.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/
31 KB
32 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/BRN%2B_1080x1080_listing%20image.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
768452f0ba61f4c89cc5f0834315775d546f3293f00d6ab6cc1884d3e3ff9ee1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=298814 idim=1080x1080 ifmt=png ofsz=32210 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"pm9Ew3IrpKmN5s7I6LSwyGLuXSuCUg9B5quun4EFFX8"
x-timer
S1731501582.661862,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
32210
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100073-IAD, cache-fra-etou8220025-FRA
x-cache-hits
97, 0
Listing%20image-slmr-us.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0e3aa0e0-1bb3-4513-9227-40cbfa288489/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0e3aa0e0-1bb3-4513-9227-40cbfa288489/Listing%20image-slmr-us.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7bc1291fd4e9741cd54f92b7255bbdadd73e7cbc303ccbed64287a2d1fc00973

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=608900 idim=1080x1080 ifmt=png ofsz=27712 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"BkZttDL0klZCzzPkSfOxoN6iQS9f1ns0Z5Fm49MWKuE"
x-timer
S1731501582.662659,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27712
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200108-IAD, cache-fra-etou8220025-FRA
x-cache-hits
28, 0
Listing%20Image-FLAT.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/Listing%20Image-FLAT.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e7032d47d8900347d5167a6308ffd161260e8e09fee4b554f241b707c317038

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=393488 idim=1080x1080 ifmt=png ofsz=27670 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"a7wFtcdkxjLa/krIQQu/F1z6m1m5rKq2yysYbYS4MtM"
x-timer
S1731501582.662204,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27670
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220025-FRA
x-cache-hits
54, 0
Listing%20Image-TFXX.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/
38 KB
38 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/Listing%20Image-TFXX.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
237abadacd16b6615ca3aaa560fc0c7e2c709d97256c5dc8a21b4c5dc1d2b845

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=418766 idim=1080x1080 ifmt=png ofsz=38458 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"TB9fxRLX6LKSLkyz/6aWWld36L2f5k4xEzfE/J+v8wQ"
x-timer
S1731501582.661794,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
38458
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000068-IAD, cache-fra-etou8220025-FRA
x-cache-hits
101, 0
35200-Skinny-Brew-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/
66 KB
67 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/35200-Skinny-Brew-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2ca1afebf67c543b12fdd6f3e8874cd8b04c42da4b87c745c3e7f811e148198

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1120093 idim=1081x1081 ifmt=png ofsz=67860 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"UDUY0+ixKHu2U2jRyftu6ZE+U2w/Fd3L2dm99AHg2BA"
x-timer
S1731501582.661723,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
67860
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000085-IAD, cache-fra-etou8220025-FRA
x-cache-hits
4295, 0
33404VALUE-Keto-Coffee-Original-1080x1080px.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/
54 KB
54 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/33404VALUE-Keto-Coffee-Original-1080x1080px.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38a056694ebd7e7d1261e0d29f63b992b8352ca61ced5bbea0a077409213c24b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=771916 idim=1081x1081 ifmt=png ofsz=55162 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"jWvuEpS+E6l61p00I0x/3UAWaR0iCrChSvagmCgX+Ew"
x-timer
S1731501582.661717,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
55162
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-mnz1300716
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220025-FRA
x-cache-hits
1858, 0
36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/
71 KB
71 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3307ff3c4c11fa4f38be345a5abdd2c7ba8157f707393fa78a371b796048efe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1069443 idim=1080x1061 ifmt=png ofsz=72552 odim=1080x1061 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"SqmcRf+Wu6HhOE8r8GlSNZWyQASHefk8UgGysQL59tY"
x-timer
S1731501582.662339,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
72552
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-mnz1300713
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000077-IAD, cache-fra-etou8220025-FRA
x-cache-hits
8885, 0
32202-HSN.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8af50d0f-2a4a-4fa2-9c3a-07812c7d295e/
25 KB
25 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8af50d0f-2a4a-4fa2-9c3a-07812c7d295e/32202-HSN.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
511ed52be3f4460f2ddc7ce5f0de5af23b20264413473acfba6af81ad3eca1fb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=210788 idim=1081x1081 ifmt=png ofsz=25248 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"S936Ww2KHwPnaAeHo//TzXGyQy8MjMs4+jZH7GzcoOk"
x-timer
S1731501582.662535,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
25248
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-etou8220025-FRA
x-cache-hits
341, 0
simply%20aloe-us.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0ad3fd5c-1aeb-424c-bc00-789ad3b954aa/
34 KB
34 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0ad3fd5c-1aeb-424c-bc00-789ad3b954aa/simply%20aloe-us.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9795a5ab0bff889202eb6f9fee53f08405d8c75cc26554a5d26325e5f429de35

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=324185 idim=1080x1080 ifmt=png ofsz=34786 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"8tspzmJ6QdpWoqZ+lb+96TsqHKwvxHUy5qPp2sMieKI"
x-timer
S1731501582.662540,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
34786
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010217
date
Wed, 13 Nov 2024 12:39:41 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200103-IAD, cache-fra-etou8220025-FRA
x-cache-hits
7, 0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Wed, 13 Nov 2024 12:39:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
3.209.131.209 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-209-131-209.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

X-LaunchDarkly-Event-Schema
4
Referer
https://itworks.com/
X-LaunchDarkly-Payload-ID
5ad09f40-a1bc-11ef-8a4b-256bbc9d667b
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
skjfu5id0v.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/skjfu5id0v.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a36fc07aa29fd601ae5f2a6ac89b86ee9ad2d3b677bd6f76668faa1dc1efa8ae
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
572e7d07-7a8d-4839-b908-502a31b5b9b1
content-encoding
br
etag
W/"a36fc07aa29fd601ae5f2a6ac89b86ee"
age
59281
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
d8vmEKqKsAFfVbA9wWsYMI0BaBPdonp2g6ox2qdh3c82QVbrjKrQiA==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000057-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.053550
x-cache-hits
2, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
55
x-timer
S1731501582.317720,VS0,VE2
via
1.1 d0c7523233c2ce4a1a420cfda612235a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1717
x-amz-cf-pop
IAD61-P4
server
envoy
wistia-mux.js
fast.wistia.com/assets/external/
132 KB
34 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d885ef0a2b22661e3699c04a1a1d5c4905f3cf9c6b063114ea11fa413a425b1
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer

Response headers

content-encoding
br
etag
"3067e929f446fc2d111a24a808397739"
age
1866
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:42 GMT
last-modified
Tue, 12 Nov 2024 21:07:39 GMT
x-served-by
cache-iad-kcgs7200152-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
40, 21
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501582.317531,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
33928
asset-version
87903ca71b6a589a509dcc183d4cd4e40a87af13
server
AmazonS3
x-amz-server-side-encryption
AES256
common.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/
267 KB
0
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
415683bd714195a6f4c3c6d729c1e8f5061a26b5edf54cc5ac1317ad3309d7e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
age
18219
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 07:35:50 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 07:35:50 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
56957
x-xss-protection
0
server
sffe
util.js
maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/
191 KB
0
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/58/11a/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f10.1e100.net
Software
sffe /
Resource Hash
f997e0f2a67fae6c99b9466b56e583964feecb57b1635eaf35b4c8fbcc510919
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
age
17398
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
x-content-type-options
nosniff
expires
Thu, 13 Nov 2025 07:49:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 07:49:31 GMT
last-modified
Tue, 29 Oct 2024 22:44:00 GMT
content-type
text/javascript
vary
Accept-Encoding, Origin
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
accept-ranges
bytes
content-length
59598
x-xss-protection
0
server
sffe
wm2vcyrj38.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/wm2vcyrj38.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
0515deac4afe8b025bec291a4a06da309a08fc04b65296428d92d7310124a2d7
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
db1c4186-b8bd-4593-bc84-62f96bc2aef2
content-encoding
br
etag
W/"0515deac4afe8b025bec291a4a06da30"
age
474
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
X--5XoJzKCZzVaaj4M_HGu-cz4uMDsYv5xmOVZyEuqr1Js0xugEbrg==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000118-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.047500
x-cache-hits
5, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
49
x-timer
S1731501582.327518,VS0,VE1
via
1.1 0431e23c0344851eeb0c8f1f10c6edc4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1645
x-amz-cf-pop
IAD61-P4
server
envoy
i06qfn16lm.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/i06qfn16lm.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
9ab32e9be69e27f04396c40cc03e49f5cc03a42d48038528e30c4b986f5cc15d
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
b70b1bc1-fcc3-43ad-83d2-b88f543f5550
content-encoding
br
etag
W/"9ab32e9be69e27f04396c40cc03e49f5"
age
67131
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
Xxc62G6WVuLMY5_8VDT-T2XSCeZ2vNn0bvd2OA_aVGn2uTfqlJ90QQ==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.049261
x-cache-hits
4, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
51
x-timer
S1731501582.347151,VS0,VE1
via
1.1 fc3a0acebfeebc65f60bb3804fd1a4a4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1634
x-amz-cf-pop
IAD61-P4
server
envoy
te7gu92uex.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/te7gu92uex.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
a0867d143fafd94be0aa794eb925961dbdc56c3d802394a23a6414ed726dd17f
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
2978668b-f10f-4389-9780-7adb5e706754
content-encoding
br
etag
W/"a0867d143fafd94be0aa794eb925961d"
age
1235
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
FyfHLGJOlIFlrdVIYnVcSkjSguj5eKy3QE0T3Oe7-eqiJQTRKaQhjw==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kcgs7200158-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.048259
x-cache-hits
11, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
50
x-timer
S1731501582.383633,VS0,VE1
via
1.1 f2f0cb8191da3bf07a9ca31ece94ab68.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1725
x-amz-cf-pop
IAD61-P4
server
envoy
playPauseLoadingControl.js
fast.wistia.com/assets/external/
83 KB
22 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f99a55f39c13c57ce2fab5f9342ab98dc9d6b350441e45672821ec3073614fc
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer

Response headers

content-encoding
br
etag
"dac500cd91133a3f05c93d7a52b8c4b8"
age
1868
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:42 GMT
last-modified
Tue, 12 Nov 2024 21:07:39 GMT
x-served-by
cache-iad-kiad7000142-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
39, 114
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501582.456608,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
22473
asset-version
87903ca71b6a589a509dcc183d4cd4e40a87af13
server
AmazonS3
x-amz-server-side-encryption
AES256
1e3173889505ce603c93dad7a5409863988766fa.webp
embed-ssl.wistia.com/deliveries/
218 KB
219 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/1e3173889505ce603c93dad7a5409863988766fa.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
cd6123309d7eb0b4966b24d798ab4573d924b7d9e84b540edaa7f55a4d970f11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
1e3173889505ce603c93dad7a5409863988766fa thumbnail-delivery
etag
JlvbiuPqJNdhMc8X2RE7xoMkL0g=
age
98606
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
eBdVoLK_DrjXH5ANtcDjyuXrFRC8XEgK71L0ALkml_bgQlA_MigjMg==
date
Tue, 12 Nov 2024 09:16:16 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:51:10 UTC
edge-cache-tag
1e3173889505ce603c93dad7a5409863988766fa
cache-control
max-age=31536000
x-envoy-upstream-service-time
457
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
1gfodsm60p.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/1gfodsm60p.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
dea99d145dc489fae35a3c794a7a0afff70cc5b8c96e0128eeaa1755fab5b3e8
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
68b87ffb-49a4-4dde-af5d-966328f11b9d
content-encoding
br
etag
W/"dea99d145dc489fae35a3c794a7a0aff"
age
3272
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
yFBCrgSip7fiEDZWFwrC279Lxv9mixDbsPlB5i3EfTS3-nyVhInsPg==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100069-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.054919
x-cache-hits
30, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
57
x-timer
S1731501583.530446,VS0,VE1
via
1.1 aadad266be53162e069ead52871dac74.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1648
x-amz-cf-pop
IAD61-P4
server
envoy
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5.webp
embed-ssl.wistia.com/deliveries/
54 KB
54 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
5e2b53da149b622cba443fa961fe809eb2faff50944ad0c6806d00d23b9e5426

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5 thumbnail-delivery
etag
nxtYIrT7rXyvokPrf04epxU1djI=
age
37865
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
kOs7AdqIaQQ6cWwP6bCt_QnUDRUSKBDf9a5kN7GMkGHbj570hXeoxg==
date
Wed, 13 Nov 2024 02:08:37 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:52:13 UTC
edge-cache-tag
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5
cache-control
max-age=31536000
x-envoy-upstream-service-time
267
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
a7ca439bd89b6861b05d46492eb1b8537bb908be.webp
embed-ssl.wistia.com/deliveries/
38 KB
38 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/a7ca439bd89b6861b05d46492eb1b8537bb908be.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
097dfdaca8e4ab317dec1329b9d9f714dc59b07e9f34b4bc8757e9214abb9658

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
a7ca439bd89b6861b05d46492eb1b8537bb908be thumbnail-delivery
etag
FXiGU1SS6rZeSPYzlGNTblXGgyI=
age
37865
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
pc4XvsSZ_hzmSXjrR_RcW0vwzqNtJD4_alzb6tULZQPCz61NVooFnA==
date
Wed, 13 Nov 2024 02:08:37 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:53:44 UTC
edge-cache-tag
a7ca439bd89b6861b05d46492eb1b8537bb908be
cache-control
max-age=31536000
x-envoy-upstream-service-time
281
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
2q4cmg3cqy.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/2q4cmg3cqy.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
e5e5e50bd8ab66cef4ef549a700cf16b3aa1eaf1739f53286c3f288696a10027
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
b55a4c33-82d0-4717-b77d-b0fd8a6bc93b
content-encoding
br
etag
W/"e5e5e50bd8ab66cef4ef549a700cf16b"
age
23195
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
M8xnDq0-As-0LvV2YLyO5rW0WtU_8FCuIBh5EP3cSBNr8idQipPZEg==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.050136
x-cache-hits
45, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
52
x-timer
S1731501583.651310,VS0,VE1
via
1.1 21c5f60ba963e85c4713b3293cada1f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1629
x-amz-cf-pop
IAD61-P4
server
envoy
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3.webp
embed-ssl.wistia.com/deliveries/
105 KB
105 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
130ef0395d00fb6878da029efcd8bc321f3e0286ddbaf92106a21935a2985032

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3 thumbnail-delivery
etag
C5-Z_AQpT8Xd-bWbqXzypv2LMjc=
age
37719
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
kxgXp8ByK7I5J0rbbMaNYwNdjXaWEH0hsU41Hi7cmqkEHN-uN5wsOg==
date
Wed, 13 Nov 2024 02:11:03 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:55:16 UTC
edge-cache-tag
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3
cache-control
max-age=31536000
x-envoy-upstream-service-time
544
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
g6jd982y56.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/g6jd982y56.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
bc21df800e4b46fe6c94f6b64798b1eb6226baa2b50ed4b1ee4ba7c27d06f2b2
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
fe3945f3-198e-4af5-9e5b-bcea78ebbb5c
content-encoding
br
etag
W/"bc21df800e4b46fe6c94f6b64798b1eb"
age
69377
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
nNnQQtTxcVzkBoNItwhAkIgybpUxslbHL-1tKzcj28dc3xMg4e2_cw==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100141-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.052275
x-cache-hits
18, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
54
x-timer
S1731501583.770522,VS0,VE2
via
1.1 b74365e62a15568f4c1434d713851630.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1595
x-amz-cf-pop
IAD61-P4
server
envoy
b4459cffd49ee322999ea5451fe2ae29.webp
embed-ssl.wistia.com/deliveries/
114 KB
115 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/b4459cffd49ee322999ea5451fe2ae29.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
b1d7adde9a484a51bf28bb8ab902e9de4d256681a21b1d4a9fba56f1005fe544

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
b4459cffd49ee322999ea5451fe2ae29 thumbnail-delivery
etag
YrDGll-v88onWWFnMzrlL6jgEkg=
age
98605
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
rf4CrmSvUVlYn7hjxCaoPoq-ZOI2-RjmSLrWbYq0W8XkcdPXPR3QBw==
date
Tue, 12 Nov 2024 09:16:17 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 25 Apr 2024 14:26:18 UTC
edge-cache-tag
b4459cffd49ee322999ea5451fe2ae29
cache-control
max-age=31536000
x-envoy-upstream-service-time
422
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
ph4tkb6tcc.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/ph4tkb6tcc.json
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2ba856dd196b4f0d3c45b2d61d0eed0ef45549f295b19a924bf0b11adc15fff3
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
d5da066f-eee6-4331-88c0-8a68a6158a57
content-encoding
br
etag
W/"2ba856dd196b4f0d3c45b2d61d0eed0e"
age
86409
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
nNXoQpCfLgDi8bmUnRhV67QvreOdGeNWkjDTmo2hEidp3tkrGxN78w==
date
Wed, 13 Nov 2024 12:39:42 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100162-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.048986
x-cache-hits
1, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
51
x-timer
S1731501583.864194,VS0,VE2
via
1.1 d884448b57edd26b9e1728c6eef625b0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1517
x-amz-cf-pop
MIA3-C4
server
envoy
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5.webp
embed-ssl.wistia.com/deliveries/
84 KB
85 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/93a34e3a6335588b2a1b3f471b08eda0aa8e7af5.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
8a9607926c9d08b257365276cc14b3d93b288a28ff898fdea17f16e4a760e35b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5 thumbnail-delivery
etag
7SKLsVloV_IXASyJ4hoPOuiCPqc=
age
98606
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
t8MYXzG1_nZJtoCUJAWBvqFUjnUv1dhxxM3p_eK86tUrCqQj6LNYGA==
date
Tue, 12 Nov 2024 09:50:09 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:50:09 UTC
edge-cache-tag
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5
cache-control
max-age=31536000
x-envoy-upstream-service-time
237
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
hls_video.js
fast.wistia.com/assets/external/engines/
520 KB
128 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5904b0843dc6c0c86c354c1a72ee0f96bc41dcbf870d03b497e1a354f72094f7
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer

Response headers

content-encoding
br
etag
"f9c61ab15b659854b94e1e5b645970a1"
age
1865
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:43 GMT
last-modified
Tue, 12 Nov 2024 21:07:39 GMT
x-served-by
cache-iad-kjyo7100053-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
58, 85
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501583.022221,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
130960
asset-version
87903ca71b6a589a509dcc183d4cd4e40a87af13
server
AmazonS3
x-amz-server-side-encryption
AES256
9272fcc3435d54d1554a390ace97e5a57508cbce.webp
embed-ssl.wistia.com/deliveries/
75 KB
76 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/9272fcc3435d54d1554a390ace97e5a57508cbce.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
688ea2285a90244e333d3749c4c6cbc1d31d6aef49dcec0824f90e5ea5e08391

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
9272fcc3435d54d1554a390ace97e5a57508cbce thumbnail-delivery
etag
UoevK2TVw3YcFSo8LQlFAA8S1Ek=
age
45049
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
yfpLWsO8h-jAz4X-ulPaEcLtMX4XpSjHcfX_hd1moWJXoWj_cz7Hbg==
date
Wed, 13 Nov 2024 00:08:54 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Wed, 24 Jan 2024 14:25:27 UTC
edge-cache-tag
9272fcc3435d54d1554a390ace97e5a57508cbce
cache-control
max-age=31536000
x-envoy-upstream-service-time
380
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
e6bff10bc3866908cfc41d3ecefbf463dd87861f.webp
embed-ssl.wistia.com/deliveries/
38 KB
39 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/e6bff10bc3866908cfc41d3ecefbf463dd87861f.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:a000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
a6ebc7b920d7f8a05b67deaecd726b15a7afa0e5a0ef03a2073a3a7645e7271d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

surrogate-key
e6bff10bc3866908cfc41d3ecefbf463dd87861f thumbnail-delivery
etag
TrW4iTXFJNkekAbXHpz-DPLMJAY=
age
186260
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
lSeeeOvbRKvA77i73ZP7PlyboXXAs00QY06PTan32b7Gy9yE2XD_ew==
date
Mon, 11 Nov 2024 08:55:23 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Wed, 24 Jan 2024 14:34:28 UTC
edge-cache-tag
e6bff10bc3866908cfc41d3ecefbf463dd87861f
cache-control
max-age=31536000
x-envoy-upstream-service-time
206
x-cdn
cloudfront
via
1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
blank.gif
fast.wistia.com/assets/images/
1 KB
1 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
age
2662
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:43 GMT
last-modified
Wed, 10 May 2023 19:48:54 GMT
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
3035248, 129
content-type
image/gif
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501583.279144,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1214
server
AmazonS3
x-amz-server-side-encryption
AES256
skjfu5id0v.m3u8
fast.wistia.com/embed/medias/
944 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/skjfu5id0v.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
fb858e08c0f4e088d96b8224288c5cce5c790c2575472c3bd22f1c0d6e8f2f90
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
c6f9a3d7-b386-41a5-869d-ee82ecbad0cd
etag
W/"fb858e08c0f4e088d96b8224288c5cce"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
ituoudhDiv9uoAjC2sBbr_Li-aC3CfuWflEtanqV1CGwkv8Qa15Rpg==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kiad7000024-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.030793
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
32
x-timer
S1731501583.289123,VS0,VE1
via
1.1 c09e1ee371c0b677b7724c2a52462928.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
944
x-amz-cf-pop
IAD61-P4
server
envoy
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/
3 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9491a5485c45ced7273e4bf739a2ff3409307a639004f80968ebb01de2365dc3
Security Headers
Name Value
Content-Security-Policy style-src * 'unsafe-inline'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; worker-src blob:; font-src * data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=70118df28d898807b0a6df5674f76c24e9357762
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
age
32
x-envoy-attempt-count
1
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
text/javascript
vary
Accept-Encoding
x-served-by
getsentry-web-default-common-production-65cc99ffb6-b4kmg, cache-chi-klot8100079-CHI, cache-fra-etou8220141-FRA
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
style-src * 'unsafe-inline'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; worker-src blob:; font-src * data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=70118df28d898807b0a6df5674f76c24e9357762
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin
*
x-envoy-upstream-service-time
22
accept-ranges
bytes
access-control-allow-origin
*
content-length
1331
x-xss-protection
1; mode=block
content-language
en
wm2vcyrj38.m3u8
fast.wistia.com/embed/medias/
759 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/wm2vcyrj38.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
bee43e8cff4a2668af5b0952301a71689fc6ab217c6bf555a955d05748be2e9b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
7fb2cf54-16ed-43a8-9579-458c494306e8
etag
W/"bee43e8cff4a2668af5b0952301a7168"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
5rWF5End5nWBq9eQgAKMO0P8t3oK8qxQ8Sz7yPfAC2Sg1TPtzVGiJQ==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kcgs7200168-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.029641
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
31
x-timer
S1731501583.372296,VS0,VE2
via
1.1 43ea6d4d093c6f8fb9edddca6fa0cf36.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
759
x-amz-cf-pop
IAD61-P4
server
envoy
i06qfn16lm.m3u8
fast.wistia.com/embed/medias/
755 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/i06qfn16lm.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d71ef23ee569134e58f2bef27d44cc57f687eb0578335b290afc95457efea839
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
23eec584-f2dc-4ff1-8125-c478af82f2d4
etag
W/"d71ef23ee569134e58f2bef27d44cc57"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
MRwCzqDZcKxC97v8nTKGWE4qmEVE0vdOhTIgME0iJhPD3ZWbC8WAGg==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.031431
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
33
x-timer
S1731501583.445935,VS0,VE1
via
1.1 f7aa8e8c7d84529aeae571755a6e9848.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
755
x-amz-cf-pop
IAD61-P4
server
envoy
te7gu92uex.m3u8
fast.wistia.com/embed/medias/
945 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/te7gu92uex.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
d57e42bb8a1b1a54c243d18a45d5626bd6a47fce400f4d082853370e76e30c84
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
2d8bda99-6845-4a38-a00b-42b1465f2347
etag
W/"d57e42bb8a1b1a54c243d18a45d5626b"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
qWJ0DIcXQZiZDz0SwbMaVxHuUzO6WBqMIznlO3wgGeihEzhmPMbc7A==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kjyo7100075-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.031821
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
33
x-timer
S1731501583.470124,VS0,VE3
via
1.1 a0d145d0791dd4e5051fa117c0e46d48.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
945
x-amz-cf-pop
IAD61-P4
server
envoy
blank.gif
fast.wistia.com/assets/images/
1 KB
0
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
age
2662
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:43 GMT
last-modified
Wed, 10 May 2023 19:48:54 GMT
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
3035248, 129
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501583.279144,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
1214
server
AmazonS3
x-amz-server-side-encryption
AES256
1gfodsm60p.m3u8
fast.wistia.com/embed/medias/
946 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/1gfodsm60p.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
6525e467367e04ff55b5e8f84d96cee090318328418ea05c834509161274fc4b
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
dc27124e-072f-4200-9b96-72739eca4a9b
etag
W/"6525e467367e04ff55b5e8f84d96cee0"
age
474
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
x45ychqC605uPw5BTVgsQyRjLfxOh8pDndEQGjmktFLd0HmxQVGU6A==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.039633
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
41
x-timer
S1731501584.623880,VS0,VE1
via
1.1 d178845d60baf589ab6db5ec371a50a0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
946
x-amz-cf-pop
MIA3-P4
server
envoy
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/
3 KB
0
Script
General
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9491a5485c45ced7273e4bf739a2ff3409307a639004f80968ebb01de2365dc3
Security Headers
Name Value
Content-Security-Policy style-src * 'unsafe-inline'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; worker-src blob:; font-src * data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=70118df28d898807b0a6df5674f76c24e9357762
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
age
32
x-envoy-attempt-count
1
x-content-type-options
nosniff
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
text/javascript
vary
Accept-Encoding
x-served-by
getsentry-web-default-common-production-65cc99ffb6-b4kmg, cache-chi-klot8100079-CHI, cache-fra-etou8220141-FRA
x-frame-options
deny
content-security-policy
style-src * 'unsafe-inline'; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; object-src 'none'; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; frame-ancestors 'self' *.sentry.io; media-src *; worker-src blob:; font-src * data:; default-src 'none'; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; img-src * blob: data:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=70118df28d898807b0a6df5674f76c24e9357762
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin
*
x-envoy-upstream-service-time
22
accept-ranges
bytes
access-control-allow-origin
*
content-length
1331
x-xss-protection
1; mode=block
content-language
en
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
rzz1Fusu1CozgfXo6E9jzZ59-cCPrNysRNgxRa7aMsVf3n05j2KjVA==
date
Wed, 13 Nov 2024 12:39:43 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
mBJvWuZYxVFz03BAj29zSNKFCR_sMmXzx49XdJsN3_SRygP4FWZVYQ==
date
Wed, 13 Nov 2024 12:39:43 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
myRow1Gjd5rBpu_ZjOPIyN-nBl9YDKrk0VJBVsogP9GZmV-oyaReqQ==
date
Wed, 13 Nov 2024 12:39:43 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
Pk1K3moOM_K1jpB6g3Ws4MpcdYGeBiEXal6wOcb0TbI6iMDenB5_pQ==
date
Wed, 13 Nov 2024 12:39:43 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
2q4cmg3cqy.m3u8
fast.wistia.com/embed/medias/
758 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/2q4cmg3cqy.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
4e186ce955f64005ab13da561e1734e51a8308296f33bd2e2b7eeb831f9aa084
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
1cb85eb2-9739-4d67-a4ae-d2a2e3f36aa5
etag
W/"4e186ce955f64005ab13da561e1734e5"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
Me_0c3wlRyUT8y8fcVMDDsxAKrgQmpZhD694VM6wRtMe9AjIVVQpxg==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kiad7000068-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.029816
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
31
x-timer
S1731501584.668432,VS0,VE2
via
1.1 dcdda2de0f9d7443c4c888a61edd2c22.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
758
x-amz-cf-pop
IAD61-P4
server
envoy
allIntegrations.js
fast.wistia.com/assets/external/
55 KB
14 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1eede821380256f0bb814f92a8a277f3ecfbb9cf6568133f9361b11e87e2bf2f
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer

Response headers

content-encoding
br
etag
"f5507fe81f885b47b85100d2ace96b17"
age
1868
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Wed, 13 Nov 2024 12:39:43 GMT
last-modified
Tue, 12 Nov 2024 21:07:38 GMT
x-served-by
cache-iad-kjyo7100047-IAD, cache-fra-eddf8230089-FRA
x-cache-hits
60, 50
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1731501584.670160,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
14219
asset-version
87903ca71b6a589a509dcc183d4cd4e40a87af13
server
AmazonS3
x-amz-server-side-encryption
AES256
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
0EuT1gPaykDT7NdZcNGSG1Ky3yTvTHWqfmcz1f7psApoUHnCtYOEcw==
date
Wed, 13 Nov 2024 12:39:43 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
bundle.min.js
browser.sentry-cdn.com/8.38.0/
71 KB
25 KB
Script
General
Full URL
https://browser.sentry-cdn.com/8.38.0/bundle.min.js
Requested by
Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
7da72edeccfd385019fca76d6c6a4255bf1a6d00b95592787924126340467d6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
public, max-age=31536000
content-encoding
gzip
etag
"0c99a3cac049d9892281804dc20b05eb"
age
76905
expires
Wed, 12 Nov 2025 15:17:58 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
24921
date
Wed, 13 Nov 2024 12:39:43 GMT
last-modified
Tue, 12 Nov 2024 14:41:13 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Fastly
/
fg8vvsvnieiv3ej16jby.litix.io/
0
0
Fetch
General
Full URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.22.103.159 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-103-159.compute-1.amazonaws.com
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

access-control-allow-origin
*
content-length
0
date
Wed, 13 Nov 2024 12:39:43 GMT
x-envoy-upstream-service-time
0
server
envoy
access-control-allow-methods
POST, GET
3d131646d32d9a984e41dbd013fa569aed50c396.m3u8
embed-cloudfront.wistia.com/deliveries/
840 B
1 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/3d131646d32d9a984e41dbd013fa569aed50c396.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
b3b742fde43e05f0da8d729503fed1ba3536679488f4ad89f99ed3359ef81edc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
3d131646d32d9a984e41dbd013fa569aed50c396-hls-segment
age
206824
expires
Tue, 11 Nov 2025 03:12:39 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
V-HJvUpSQMbOLM1rJbcmEpbZV5YtaWHHmFBWqhvbgtIEpiA7Twveng==
date
Mon, 11 Nov 2024 03:12:39 GMT
content-type
application/vnd.apple.mpegurl
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
3d131646d32d9a984e41dbd013fa569aed50c396-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
244
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
840
x-amz-cf-pop
FRA56-C2
server
envoy
33404VALUE-Keto-Coffee-Original-1080x1080px.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/
3 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/33404VALUE-Keto-Coffee-Original-1080x1080px.png?w=40
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8af136785cf5e01dba70f6be8f4c07af1037d8e6810ec148d229fb4df9be441c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=771916 idim=1081x1081 ifmt=png ofsz=3222 odim=40x40 ofmt=png
cache-control
public, immutable, max-age=31536000
etag
"koHrCvDJvPgWHR7JxjgfrHFC9nMKrcdPm6e+0Qj9vFs"
x-timer
S1731501584.728745,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3222
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010248
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
image/png
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220025-FRA
x-cache-hits
20, 0
g6jd982y56.m3u8
fast.wistia.com/embed/medias/
944 B
2 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/g6jd982y56.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
2c2ed24d3d3d4d31fe35ab2fd3d7269bc4433cfae1ea8dc53d3a44a3937c6efb
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
471f279e-d390-4a37-9cb2-0c3fa7f3cb13
etag
W/"2c2ed24d3d3d4d31fe35ab2fd3d7269b"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
gnyZex8AfYpGsWVurKiDl4z-y4BqFfqZP0O9_PSB4jBuXGMIc6aHrw==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kjyo7100127-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.030802
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
32
x-timer
S1731501584.852508,VS0,VE1
via
1.1 598322aca942d8aa18b4c23d39a0c4ac.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
944
x-amz-cf-pop
MIA3-P4
server
envoy
ph4tkb6tcc.m3u8
fast.wistia.com/embed/medias/
756 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/ph4tkb6tcc.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
40f96df4a8697cadf541f7cdbff363d486b16e3d3d873c27be2e75344e0aaf11
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

x-request-id
aafc99e7-9610-4e39-a406-42fbb21df139
etag
W/"40f96df4a8697cadf541f7cdbff363d4"
age
473
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
cIqZXRyW6Xd6WJUdD1tVXzkBNPB4ra_3O0wbngGAaVlRYFZDr6IVRg==
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kiad7000132-IAD, cache-fra-eddf8230089-FRA
x-runtime
0.032893
x-cache-hits
12, 0
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
39
x-timer
S1731501584.901531,VS0,VE2
via
1.1 c2095fc8ad28e69d5b1b0d8a45d5666e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
130
accept-ranges
bytes
access-control-allow-origin
*
content-length
756
x-amz-cf-pop
IAD61-P4
server
envoy
seg-1-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/3d131646d32d9a984e41dbd013fa569aed50c396.m3u8/
1 MB
1 MB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/3d131646d32d9a984e41dbd013fa569aed50c396.m3u8/seg-1-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
ebd0f41a24016cb85b2c0d4c9bf6290cf9fd16e5d2109640ec13455f29b9859a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
3d131646d32d9a984e41dbd013fa569aed50c396-hls-segment
age
390853
expires
Sun, 09 Nov 2025 00:05:30 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
DxkJizjKphQuth-IBjyL9fgJ2649VAnBAkoTdaqGBQu-a_Mi4H1K6Q==
date
Sat, 09 Nov 2024 00:05:30 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
3d131646d32d9a984e41dbd013fa569aed50c396-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
256
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
1408120
x-amz-cf-pop
FRA56-C2
server
envoy
Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png?w=40
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3210e1d61b980c8331baf9209e9bef97d77e721d1aa6be86f2a899b4384306f8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=735680 idim=1080x1080 ifmt=png ofsz=2894 odim=40x40 ofmt=png
cache-control
public, immutable, max-age=31536000
etag
"oNibK9ddQsHwZeVlAUIy1FWMMLuZkAzFc/2rLsV/32U"
x-timer
S1731501584.976929,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2894
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Wed, 13 Nov 2024 12:39:43 GMT
content-type
image/png
x-served-by
cache-iad-kcgs7200054-IAD, cache-fra-etou8220025-FRA
x-cache-hits
24, 0
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
HBtiMWM--UXUAnOT_szyIXtAw2pvC3h0-ObG257WLSVBSnSnDid1lQ==
date
Wed, 13 Nov 2024 12:39:44 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
lisiting%20image-skinny%20wrap.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b10ab5ef-104c-48c2-b2d1-6df02ab19d44/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b10ab5ef-104c-48c2-b2d1-6df02ab19d44/lisiting%20image-skinny%20wrap.png?w=40
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d030bae4e0e13f3f684cb88a08a8926bd2a04b5702ca7d67377cd38e21de1708

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=724746 idim=1080x1080 ifmt=png ofsz=2613 odim=40x40 ofmt=png
cache-control
public, immutable, max-age=31536000
etag
"qNJDaEX0rtWz1b4CARETAx511W4kqbWE90TPc+/b4Qc"
x-timer
S1731501584.020723,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2613
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Wed, 13 Nov 2024 12:39:44 GMT
content-type
image/png
x-served-by
cache-iad-kcgs7200102-IAD, cache-fra-etou8220025-FRA
x-cache-hits
34, 0
Scalp%20Serum%20DROPPER_1080x1080%20Listing.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/90355ac2-39ff-4ccc-9dfd-18c7bb2a2f28/
2 KB
2 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/90355ac2-39ff-4ccc-9dfd-18c7bb2a2f28/Scalp%20Serum%20DROPPER_1080x1080%20Listing.png?w=40
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f053d55dd734f1e3851c7a7fec786235ef2e6bc4b9a9e99ab58e2a288658d87d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=256650 idim=1080x1080 ifmt=png ofsz=1593 odim=40x40 ofmt=png
cache-control
public, immutable, max-age=31536000
etag
"au2UfwECnNdDHmwzXi7my+9WBSdaVsv9+OTPbT3JU6I"
x-timer
S1731501584.022166,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1593
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Wed, 13 Nov 2024 12:39:44 GMT
content-type
image/png
x-served-by
cache-iad-kcgs7200157-IAD, cache-fra-etou8220025-FRA
x-cache-hits
18, 0
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
HlxmEzoaX-bTZs1XgqjYioUhpkQkZDQAO8hiUR6kHL5Kt48101RRVA==
date
Wed, 13 Nov 2024 12:39:44 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
u-qA2SZ4AmvyUDSF4vVTQWNij1V-h2nD8jF7PXeM1_CiEetW-IAOpA==
date
Wed, 13 Nov 2024 12:39:44 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8
embed-cloudfront.wistia.com/deliveries/
840 B
1 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
66c1a5ae00dd196b85263632cdc8a4c5cd064f3d1d59e1b348313babb1171f53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
366772
expires
Sun, 09 Nov 2025 06:46:52 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
ZmxoW7BMDMX2bMWQvY0qFD2oSwB-KxugKtyKr6iS7a61W7viq4zbpQ==
date
Sat, 09 Nov 2024 06:46:52 GMT
content-type
application/vnd.apple.mpegurl
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
234
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
840
x-amz-cf-pop
FRA56-C2
server
envoy
seg-2-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
335 KB
336 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-2-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
ac8239e2167d10a9d0acbc7aa413e598c0136ac71fa1858df24de1c01e69c55c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
384356
expires
Sun, 09 Nov 2025 01:53:47 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
dG2Gc8iMgk0YrrNppSHRrl7weQsLw6Pc3r-MtaaZp3APfkuujB-OFQ==
date
Sat, 09 Nov 2024 01:53:47 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
79
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
343288
x-amz-cf-pop
FRA56-C2
server
envoy
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587z879783485za200zb79783485&_p=1731501577040&gcs=G111&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=4&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=3.43&_et=11&tfd=8513
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 13 Nov 2024 12:39:44 GMT
content-type
text/plain
server
Golfe2
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer

Response headers

Content-Type
application/x-font-woff;charset=utf-8
mput
pipedream.wistia.com/
2 B
330 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5000:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://itworks.com/

Response headers

x-envoy-upstream-service-time
2
access-control-allow-methods
POST, OPTIONS
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
HcJjZj4zkGtxwExiQrTgD0ZeAY-NwDeg9Zx8rjoX3dL_RkbdDnZA5A==
date
Wed, 13 Nov 2024 12:39:44 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
FRA60-P1
server
envoy
seg-3-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
288 KB
289 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-3-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
7c3b0837dfc91199ee867aabb081083843928a201f9e3b2989ac51d6000ba226

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
261089
expires
Mon, 10 Nov 2025 12:08:15 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
TmZF9EC_HIiRAxURVNEX_XhloQjE7MMY_TbBrlKcqPbi6gcIqrw8UQ==
date
Sun, 10 Nov 2024 12:08:15 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
88
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
295160
x-amz-cf-pop
FRA56-C2
server
envoy
seg-4-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
332 KB
333 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-4-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
b3268bf9aa1a793d08d33b84c4f67fc8328115eea770f1242f36d6cf24c58228

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
277848
expires
Mon, 10 Nov 2025 07:28:56 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
scwfgM6q5i2PotMA7R7jCS07p79jRUCDnl20ow06cGimQ0KjamPstw==
date
Sun, 10 Nov 2024 07:28:56 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
69
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
340280
x-amz-cf-pop
FRA56-C2
server
envoy
seg-5-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
309 KB
310 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-5-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
38d3e10fe73f39c14175bd591ab0e8a69f3b1cfbffb85e5c851c069272372785

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
186259
expires
Tue, 11 Nov 2025 08:55:25 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Iu5pWmLqlqAWpEWEnTYsZRh0iYUlzCU7G3jHNB8516HWVoK7V9854A==
date
Mon, 11 Nov 2024 08:55:25 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
102
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
316216
x-amz-cf-pop
FRA56-C2
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
OEC9XxwFlQZl_3rYN4lsXuBJ4_6FnXZHMweUEIhHo3rgCl_0DnkDUg==
date
Wed, 13 Nov 2024 12:39:45 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
seg-6-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
218 KB
219 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-6-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
736bb76d0e5a6845cc2c0fb994addf860091b4b33c385c8788706809eb2cbbc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
186258
expires
Tue, 11 Nov 2025 08:55:26 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
bXFMux2eaQ_au18SNqAyIHsBRFCKiewRTy16vjU5JR5p31JTNefyhw==
date
Mon, 11 Nov 2024 08:55:26 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
80
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
222968
x-amz-cf-pop
FRA56-C2
server
envoy
mput
pipedream.wistia.com/
2 B
328 B
Fetch
General
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:236e:5000:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://itworks.com/

Response headers

x-envoy-upstream-service-time
2
access-control-allow-methods
POST, OPTIONS
via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
content-length
2
x-amz-cf-id
t_bWAHkEUOGdYOqjnNpC9s-q7AUZP50u4_ILvUWk2bEaBpf89clWCA==
date
Wed, 13 Nov 2024 12:39:44 GMT
content-type
text/plain; charset=utf-8
x-amz-cf-pop
FRA60-P1
server
envoy
seg-7-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
306 KB
307 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-7-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
8d16458313e0a233b18c3b0e966566bf0298919e78d40cae2bb3820eedb0f191

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
186257
expires
Tue, 11 Nov 2025 08:55:27 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
Nb9i_9nQvdZpqawmZe_moydoBRke1kN3OA_PXTAEkXtQWjPASubZVw==
date
Mon, 11 Nov 2024 08:55:27 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
68
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
313208
x-amz-cf-pop
FRA56-C2
server
envoy
seg-8-v1-a1.ts
embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/
250 KB
251 KB
XHR
General
Full URL
https://embed-cloudfront.wistia.com/deliveries/37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee.m3u8/seg-8-v1-a1.ts
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:9a00:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash
77c7ca7b645167c5347a7acde8879cb1c8523a9aab1a67f7a67db4b3f9feade5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
Server,range,Content-Length,Content-Range,x-cdn
surrogate-key
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
age
186257
expires
Tue, 11 Nov 2025 08:55:27 GMT
x-cache
Hit from cloudfront
x-amz-cf-id
USnhdoylgITHea4iiyW44GD7vraIXu2QQRa95xCKkRaTjH0cT7Gt-w==
date
Mon, 11 Nov 2024 08:55:27 GMT
content-type
video/MP2T
last-modified
Mon, 05 Nov 2018 10:11:00 GMT
edge-cache-tag
37e34ecb5da0ea8bfffef3c3ff5c9b1a340c8fee-hls-segment
cache-control
max-age=31536000
x-envoy-upstream-service-time
75
x-cdn
cloudfront
via
1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront)
accept-ranges
bytes
access-control-allow-origin
*
content-length
256056
x-amz-cf-pop
FRA56-C2
server
envoy
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
rJa4g4Q4oseQV1UujOIf_gX1m6sFO6ShyckidYQw56-xdrCFgayj4Q==
date
Wed, 13 Nov 2024 12:39:48 GMT
x-amz-cf-pop
FRA56-P12
server
envoy
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
44 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Wed, 13 Nov 2024 12:39:49 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
x
distillery.wistia.com/
0
0
Fetch
General
Full URL
https://distillery.wistia.com/x
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.173.205.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-173-205-94.fra56.r.cloudfront.net
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://itworks.com/

Response headers

cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
via
1.1 ed5042a23d5905bfac08effe99f4b1ce.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Miss from cloudfront
x-amz-cf-id
54wnjQFJRpPTrwLrd9RNf6xSM8jrndp4SHI1F1YKKP77tE9BotB_RQ==
date
Wed, 13 Nov 2024 12:39:49 GMT
x-amz-cf-pop
FRA56-P12
server
envoy

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2
Domain
fast.wistia.com
URL
https://fast.wistia.com/assets/external/E-v1.js
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/Weight%20Control%2016%201.jpg?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/Featured%20Category-Gut%20Health-US.png?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/Active%20Lifestyle%2016.9%202%20%281%29.png?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/Coffee%2016.9.png?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/Shop%20All%2016.9%201.jpg?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Domain
assets-us-01.kc-usercontent.com
URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/Whats%20New-Multi%20Greens-US.png?w=1056&fm=webp&lossless=false
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/portal/fa-regular-400.woff2
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/portal/fa-solid-900.woff2
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/api/log
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4b70v890894587za200zb79783485&_p=1731501563248&gcs=G111&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101823848~101925629~102067554~102077855&cid=22383634.1731501571&ecid=1694987449&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=5&sid=1731501571&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=Home%20%7C%20IT%20WORKS!&en=user_engagement&_et=3708&tfd=18527
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/cdn-cgi/rum?
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/portal/fa-solid-900.ttf
Domain
bmoochler.itworks.com
URL
https://bmoochler.itworks.com/portal/fa-regular-400.ttf

Verdicts & Comments Add Verdict or Comment

208 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga function| onGoogleMapsLoad function| $ function| jQuery object| google object| litHtmlVersions object| module$exports$mapsapi$geometry$spherical object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_data object| gaplugins object| google_tag_manager object| gaGlobal object| webpackChunkportal function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched boolean| __zone_symbol__ononYouTubeIframeAPIReadypatched function| __zone_symbol__queueMicrotask object| CQPolyfill object| __core-js_shared__ object| Sailthru function| SwiperElementRegisterParams object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__loadfalse object| __zone_symbol__pagehidefalse object| __cfBeacon object| __zone_symbol__visibilitychangetrue object| __zone_symbol__prerenderingchangetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue object| __zone_symbol__pagehidetrue object| __zone_symbol__loadtrue object| __zone_symbol__scrollfalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| LO object| _wq object| __webpack_modules__ object| __webpack_module_cache__ function| __webpack_require__ object| __webpack_exports__ object| Wistia object| __zone_symbol__blurfalse object| __zone_symbol__focusfalse string| _wistiaElemId object| __zone_symbol__messagefalse object| wistiaEmbeds object| __zone_symbol__mouseoutfalse object| __zone_symbol__languagechangefalse object| __zone_symbol__visibilitychangefalse object| Sentry object| __zone_symbol__errorfalse object| __zone_symbol__unhandledrejectionfalse object| __SENTRY__ string| SENTRY_SDK_SOURCE function| __zone_symbol__ON_PROPERTYpopstate function| __zone_symbol__ON_PROPERTYerror function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

9 Cookies

Domain/Path Name / Value
.itworks.com/ Name: toggle-user
Value: US-en-RC-07
.itworks.com/ Name: IWGDetectedLocale
Value: en-US
.itworks.com/ Name: IWGCountrySlug
Value: US
.itworks.com/ Name: IWGLanguageSlug
Value: en
.itworks.com/ Name: _ga
Value: GA1.1.22383634.1731501571
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.itworks.com/ Name: IWGSessionGuid
Value: {4CAEB51A-A800-4E24-80D0-65441B4380C6}
.itworks.com/ Name: _ga_B9ZCN4XJNP
Value: GS1.1.1731501571.1.0.1731501579.54.0.1694987449
.itworks.com/ Name: cf_clearance
Value: bC_wJfzwS3StrUtHFxt1PvRMKbO7iWHVOZxZaLKpyKM-1731501579-1.2.1.1-FbxhaRRC9NUv2oKcFUv.k645TEd1GbZ7vECY09JpfLhh3A2lBys_osGguPXSSEwpVJ6sJAXRpDxHsDijYyeJ8Wy5Q.sli.eg2rbO9nht4RAlE9fy2eI3KUMuIaXGGkMNyJipx93Rw21Snb82k6xJvde0dPvqTu8RqughbyEiYkZuSzKC4P_MkugC1h75BXy88VvBRmU1l7azLHHJqny4yjDt4RhajZrgGxSArRKeNZig1fes9TRLzAL5JkTbK1lzYV8VRjpbfomAGg4Cta619eAwUC.o.B0A6Jg8Udkl8RNtSSSqJtjPRUXStw_uNpfDy2J8qrmXft9EBD2o5.iQgEYIkDm8mHcOG9SIxuSGzdcVmNTaFEswBSp3D7uJMYQr

3 Console Messages

Source Level URL
Text
network error URL: https://services.itworks.com/customer/v1/profiles/bmoochler
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://services.itworks.com/customer/v1/profiles/bmoochler/details
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://services.itworks.com/customer/v1/profiles/bmoochler/details
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
bmoochler.itworks.com
bmoochler.myitworks.com
browser.sentry-cdn.com
bskinnywrap.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
d20519brkbo4nz.cloudfront.net
distillery.wistia.com
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.launchdarkly.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.gstatic.com
itworks.com
js.sentry-cdn.com
maps.googleapis.com
pipedream.wistia.com
region1.analytics.google.com
region1.google-analytics.com
services.itworks.com
settings.luckyorange.com
static.cloudflareinsights.com
static.myitworks.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
assets-us-01.kc-usercontent.com
bmoochler.itworks.com
fast.wistia.com
region1.analytics.google.com
104.18.16.131
104.18.17.131
142.250.181.227
142.250.186.99
151.101.65.91
151.101.66.217
172.217.18.106
18.173.205.94
2001:4860:4802:32::36
216.239.34.36
2600:9000:2057:2600:18:6c16:27c0:93a1
2600:9000:211e:9a00:1e:c86:4140:93a1
2600:9000:211e:a000:1e:c86:4140:93a1
2600:9000:236e:5000:3:471f:5240:93a1
2606:4700::6810:4f49
2606:4700::6812:1079
2606:4700::6812:1179
2606:4700::6812:1183
2a00:1450:4001:80b::200e
2a00:1450:4001:81c::2008
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:400c:c02::9a
2a04:4e42:200::347
2a04:4e42:200::644
2a04:4e42:600::649
2a04:4e42:600::729
3.209.131.209
3.33.251.168
34.107.203.234
52.22.103.159
76.223.31.44
027d5dde165217da2bb31aa5878ebc0b962d49096b31ab956f4c3d0af2a0dd98
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da
0515deac4afe8b025bec291a4a06da309a08fc04b65296428d92d7310124a2d7
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
097dfdaca8e4ab317dec1329b9d9f714dc59b07e9f34b4bc8757e9214abb9658
0bca1585cfca8f2b441e7182276fb74de04791acb5d5749eaf411663ceacef5a
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b
130ef0395d00fb6878da029efcd8bc321f3e0286ddbaf92106a21935a2985032
13ce14e782b5d1654868ee929c6582d4e323fe777d40137f63436fd04abccdc9
142a567b270348558b6ec1aa6eeed240b1a57638020531319d2314944f93e848
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
16947687beb9dc990fd780f4144efdb292d9474c1f74497aa9a917f03d93f026
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028
1eede821380256f0bb814f92a8a277f3ecfbb9cf6568133f9361b11e87e2bf2f
1fac3e4ab6275edf62271210d3ac8e2b77c182d5d17e0dcd59d89bc5fdbb6d4b
237abadacd16b6615ca3aaa560fc0c7e2c709d97256c5dc8a21b4c5dc1d2b845
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
27e64a1e174f92e134e5e7162b29e26baf226b45886e8d35a2853de6fd86d2e2
2ba856dd196b4f0d3c45b2d61d0eed0ef45549f295b19a924bf0b11adc15fff3
2c2ed24d3d3d4d31fe35ab2fd3d7269bc4433cfae1ea8dc53d3a44a3937c6efb
308b54d5321d2dbbced80ad61774106e89cea8de42a6ac8b478a7a40b2a9118f
3210e1d61b980c8331baf9209e9bef97d77e721d1aa6be86f2a899b4384306f8
349070e7a44a2c6e0cb83d8553f6ff84e2ba63fc95bd4bf6a2c78e8815202c1c
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7
371734ccf792a68daff9693f3f46354567058c36ff02354a849237a43c1187b8
38a056694ebd7e7d1261e0d29f63b992b8352ca61ced5bbea0a077409213c24b
38d3e10fe73f39c14175bd591ab0e8a69f3b1cfbffb85e5c851c069272372785
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
40f96df4a8697cadf541f7cdbff363d486b16e3d3d873c27be2e75344e0aaf11
415683bd714195a6f4c3c6d729c1e8f5061a26b5edf54cc5ac1317ad3309d7e2
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
439cc02f0bb8f9133d4e9c3de9bffefb199addb5f7de7ce2505b108f8a7b43f7
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
496c6f4130c58605065dc4de7dcfc7954587927810df71251997e10dab1ca636
4c1dd8c727d9e4a5785f82ae48888b3077bd31df51052fe983e510d6d4a82c1d
4d885ef0a2b22661e3699c04a1a1d5c4905f3cf9c6b063114ea11fa413a425b1
4e186ce955f64005ab13da561e1734e51a8308296f33bd2e2b7eeb831f9aa084
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f99a55f39c13c57ce2fab5f9342ab98dc9d6b350441e45672821ec3073614fc
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f
511ed52be3f4460f2ddc7ce5f0de5af23b20264413473acfba6af81ad3eca1fb
52fbeac0ef5949dc15505d9c399e60f7e889fbee6274faa71a9a97e1481e85ed
541d5c9825bd44636e773090fc882bb69d8d978c99b5e1ddf62f30538774755a
54808d949ca00a62517b781baf36625cc51d434ddd3aaad5f8ba4039e6cecfb9
5520e06b9dfd27b6470edd04bf2c378852a9954e2b3bd7ce0368675946a7c82e
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
58e865290669671cf05e81228171fd65e9b2358b6315371b929c8af58c768654
5904b0843dc6c0c86c354c1a72ee0f96bc41dcbf870d03b497e1a354f72094f7
5e2b53da149b622cba443fa961fe809eb2faff50944ad0c6806d00d23b9e5426
5f2a58e1d325ca7f1cf8a1aba958d7dc5d9fb770ce9095a9d8be0de99267f8ec
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a
6525e467367e04ff55b5e8f84d96cee090318328418ea05c834509161274fc4b
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c
66c1a5ae00dd196b85263632cdc8a4c5cd064f3d1d59e1b348313babb1171f53
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf
686472c4e28141b1b8b4433c5b529cb74fc99219396897f6daafed92b4b50378
688ea2285a90244e333d3749c4c6cbc1d31d6aef49dcec0824f90e5ea5e08391
6965d6d01fe670585f9015262de4b87f8f2702ad2058765524991134a7ad1239
69e067e12d35f19d81236ce13b12dc0212198ec308c943cbfa965917770785d2
6e7032d47d8900347d5167a6308ffd161260e8e09fee4b554f241b707c317038
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b
72c93bd5f9f4d0f826db9176bf79f8465ee1639745521aa586541751bd2c39ec
736bb76d0e5a6845cc2c0fb994addf860091b4b33c385c8788706809eb2cbbc7
768452f0ba61f4c89cc5f0834315775d546f3293f00d6ab6cc1884d3e3ff9ee1
76e7797c039a87bac86bfd1b7e242a7fe9cca40ef1e122fd577c7c5809a2a8c4
77c7ca7b645167c5347a7acde8879cb1c8523a9aab1a67f7a67db4b3f9feade5
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7bc1291fd4e9741cd54f92b7255bbdadd73e7cbc303ccbed64287a2d1fc00973
7c3b0837dfc91199ee867aabb081083843928a201f9e3b2989ac51d6000ba226
7d3a5c14c1aa5549f33fc18ec25f66b70ca9703a6407464d5a951d9239a17f05
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7da72edeccfd385019fca76d6c6a4255bf1a6d00b95592787924126340467d6e
7dd4b64b26d354cd9e200c215296db4568f6c4d7577582eb86877a755a6c6113
81bc50cb826351b6ec46e7b48f1e2cbc3c0973a7153fc9ef449ba339b8fcfd3c
846e68e676eeb237d148fb7f15d01fbc938b388b1a903d521ac6b4632ab3db1a
88f3fa7f0fd796bf675f2e7f0aac695f4be1ca0282540a2ccce59fab4da15fce
893943a40dc646ad4f2582ed5012a0dbc63be6f2f2ad6986ad3693690cd20992
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a9607926c9d08b257365276cc14b3d93b288a28ff898fdea17f16e4a760e35b
8af136785cf5e01dba70f6be8f4c07af1037d8e6810ec148d229fb4df9be441c
8c3ca31f19f14a1857ba2971f3b8d91f3fcfb09a1af20b6f6f28a7c0040fff31
8d16458313e0a233b18c3b0e966566bf0298919e78d40cae2bb3820eedb0f191
92d5d83378e4f715a5a194afb2de4799954b0e0225164fa6144c5f1302a26595
9491a5485c45ced7273e4bf739a2ff3409307a639004f80968ebb01de2365dc3
95ad3a4e268330737e27ab319b967bd876d34ff11d061b7272060e57f89c21ba
9795a5ab0bff889202eb6f9fee53f08405d8c75cc26554a5d26325e5f429de35
98a18a65d3515818352fb67eb8529f28f7c244d0e985a0b5327b00eb630a5fbb
9ab32e9be69e27f04396c40cc03e49f5cc03a42d48038528e30c4b986f5cc15d
9b1fea6406d168812ae16df6517c021cbd3296e695167e4a6445166042df3595
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e
a0867d143fafd94be0aa794eb925961dbdc56c3d802394a23a6414ed726dd17f
a12d20090da3b4b1b0eb020379148e317323e1fea3087723d4186c54d22e5946
a36fc07aa29fd601ae5f2a6ac89b86ee9ad2d3b677bd6f76668faa1dc1efa8ae
a6ebc7b920d7f8a05b67deaecd726b15a7afa0e5a0ef03a2073a3a7645e7271d
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b
a908cb8fecee23f2a6fbe8e7b6dd858935856fc5e687cc93fadaebd61f516158
ac722ff914b53d8a19b32c6fea6a45776ea7fa518f4fca32c7011775feedab56
ac8239e2167d10a9d0acbc7aa413e598c0136ac71fa1858df24de1c01e69c55c
add67e0539a007ca55f1606b515021dd6b110e3b5166cb1f83659be0819f9456
ae355ec264fc32deecb1bc5ab9863d755b9a4dbdd71cd687aedcfc130f067291
b06a3195aa92103d0e9accaf216c8200e6554d0d63e45cbb8efdf577b2cd0da2
b0c6a2458f5b6f9523e63a484964ea8e626a1a1583d71b7b6af7d766087cbc6a
b0e40ef9faf5b8b16f241b9f41045d176b32e3979b7850d07f28e166cb8ef7f3
b1d7adde9a484a51bf28bb8ab902e9de4d256681a21b1d4a9fba56f1005fe544
b22f309afe7505005f0287d3f2004f9b3a3d22ab495cb1d3c55815849ba10c28
b3268bf9aa1a793d08d33b84c4f67fc8328115eea770f1242f36d6cf24c58228
b3a37accd72a5b61cd9c09efe0866713ac332ac9d703948c835ab4a2ab920530
b3b742fde43e05f0da8d729503fed1ba3536679488f4ad89f99ed3359ef81edc
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
bc21df800e4b46fe6c94f6b64798b1eb6226baa2b50ed4b1ee4ba7c27d06f2b2
bee43e8cff4a2668af5b0952301a71689fc6ab217c6bf555a955d05748be2e9b
c05768a13d9e0df4cfeb255d668359ab62b170b28a3513f9e94710f826013df4
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca740ddb39784283b5896d018acd661341698bb5c5b7dcdeaa942d23e8571e8c
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
cd6123309d7eb0b4966b24d798ab4573d924b7d9e84b540edaa7f55a4d970f11
cdc384134e9036185e0d17b8d554008fe98e2f92460b590600e20e3fe1b7ffe3
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d
cfcd1974fa5bc2dbdbbb2f3a5dfabcaf673f49c10e94c2c7d54682a586f627ee
d030bae4e0e13f3f684cb88a08a8926bd2a04b5702ca7d67377cd38e21de1708
d0601a7c89c3edc93dd6ffc8deaf915219c3f9ccbf269e49eec393bbe9f8f9f8
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
d2ca1afebf67c543b12fdd6f3e8874cd8b04c42da4b87c745c3e7f811e148198
d34d2bfeea83103cd26afcf72edefdd91bd710234af44374edc3506b148ae40c
d3af439cec91b18b37644c79a0b7c0eebc3b52de7d8cb56337fe2971279b5f19
d3db141429a250044d131a10847e705de586b775973b22d29dd4c41260e27e17
d3f172641ebd9a59ffa17a978658424121275619c6852e8f8845f9628de49a92
d57e42bb8a1b1a54c243d18a45d5626bd6a47fce400f4d082853370e76e30c84
d71ef23ee569134e58f2bef27d44cc57f687eb0578335b290afc95457efea839
d7e5d88e6af96d0448e1c6e8cd2225192d23d49534a3a3f2ef3c7c158758b106
d88b75fc8e1926273a00509c072bc40072cf9482950db4fb0f6c10e4b2527fac
d92dbd1300eef39f0b27ca0e2a01087a64e3d84384a9196425fce5713cea7921
dc9d671ca07085015d0aa4382112952ba9c026209a406752223df07d8a8d3317
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea99d145dc489fae35a3c794a7a0afff70cc5b8c96e0128eeaa1755fab5b3e8
df25caef019af70aaa3666f122de83b5b69b2f08089204ca04d61d9a85362821
dfd4a1547459f6dc1c2990a4ca2b5414ca38bd4404f2c1da8558031c237ba156
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92
e3307ff3c4c11fa4f38be345a5abdd2c7ba8157f707393fa78a371b796048efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9a8a9616e00c029d5725cc5dd0c49d15497f03efd13e7489864d61a85ac2a
e5e5e50bd8ab66cef4ef549a700cf16b3aa1eaf1739f53286c3f288696a10027
ebd0f41a24016cb85b2c0d4c9bf6290cf9fd16e5d2109640ec13455f29b9859a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f053d55dd734f1e3851c7a7fec786235ef2e6bc4b9a9e99ab58e2a288658d87d
f239ebcaeae914c4ad3dbab07ec5d473da0938162ed714b06aee76fac77c1932
f2f085d6d4206fb177837d778a83ac52e9c6b0554e8bca9456e30390841b8ac7
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aead7887510db7045f3374e5c70a88f9ebf8eeca74235435ec0cb2fdb1c2f3
f6093b16472adce538b1ed39291e9fa93f528611e14e4ce17540548376b8a3c9
f6e365794e0b9a73d5f819bab2639d04a1105c7bb46253b5ecf58c59c44c7218
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
f85430cdc730c3f6138eaa1d8491508bdaac5417f50a9155a30da65f2bf71603
f997e0f2a67fae6c99b9466b56e583964feecb57b1635eaf35b4c8fbcc510919
fa20aa7e572a72d4b449019d735d93c957572bbf8ddef591336533a76264b7e4
fb858e08c0f4e088d96b8224288c5cce5c790c2575472c3bd22f1c0d6e8f2f90