urlscan.io logo urlscan.io
SecurityTrails logo

www.wellness.com Open in urlscan Pro
44.208.98.117  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.wellness.com/user/2082484/fynix-io
Submission: On September 18 via manual from IN — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 2 countries across 12 domains to perform 46 HTTP transactions. The main IP is 44.208.98.117, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.wellness.com. The Cisco Umbrella rank of the primary domain is 752480.
TLS certificate: Issued by Amazon RSA 2048 M02 on May 9th 2024. Valid for: a year.
This is the only time www.wellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
7 44.208.98.117 14618 (AMAZON-AES)
10 18.245.62.138 16509 (AMAZON-02)
1 52.216.218.16 16509 (AMAZON-02)
4 216.58.206.34 15169 (GOOGLE)
2 142.250.74.200 15169 (GOOGLE)
2 142.250.185.234 15169 (GOOGLE)
1 152.199.19.160 15133 (EDGECAST)
2 142.250.184.238 15169 (GOOGLE)
5 142.250.185.130 15169 (GOOGLE)
2 172.217.18.14 15169 (GOOGLE)
1 142.251.168.157 15169 (GOOGLE)
1 142.250.185.162 15169 (GOOGLE)
1 142.250.185.238 15169 (GOOGLE)
2 157.240.252.13 32934 (FACEBOOK)
1 157.240.252.35 32934 (FACEBOOK)
2 142.250.181.225 15169 (GOOGLE)
46 17
7    44.208.98.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-98-117.compute-1.amazonaws.com
www.wellness.com
10    18.245.62.138 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-62-138.fra60.r.cloudfront.net
d2x0atfi55wmqs.cloudfront.net
1    52.216.218.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
4    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f2.1e100.net
pagead2.googlesyndication.com
2    142.250.74.200 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f8.1e100.net
www.googletagmanager.com
2    142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net
ajax.googleapis.com
1    152.199.19.160 (United States)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
2    142.250.184.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f14.1e100.net
www.google-analytics.com
5    142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
2    172.217.18.14 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f14.1e100.net
analytics.google.com
1    142.251.168.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: wh-in-f157.1e100.net
stats.g.doubleclick.net
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
td.doubleclick.net
1    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
apis.google.com
2    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
1    157.240.252.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-fra3.facebook.com
www.facebook.com
2    142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net
tpc.googlesyndication.com
Apex Domain
Subdomains		 Transfer
10 cloudfront.net
d2x0atfi55wmqs.cloudfront.net
466 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 45
stats.g.doubleclick.net — Cisco Umbrella Rank: 130
td.doubleclick.net — Cisco Umbrella Rank: 189
255 B
7 wellness.com
www.wellness.com — Cisco Umbrella Rank: 752480
23 KB
6 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 115
tpc.googlesyndication.com — Cisco Umbrella Rank: 162
269 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 140
apis.google.com — Cisco Umbrella Rank: 121
www.google.com Failed
24 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 178
86 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
21 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 407
95 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 43
189 KB
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2720
8 KB
1 amazonaws.com
s3.amazonaws.com
3 KB
46 12
Domain Requested by
10 d2x0atfi55wmqs.cloudfront.net www.wellness.com
d2x0atfi55wmqs.cloudfront.net
7 www.wellness.com www.wellness.com
ajax.googleapis.com
5 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 pagead2.googlesyndication.com www.wellness.com
pagead2.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 connect.facebook.net d2x0atfi55wmqs.cloudfront.net
connect.facebook.net
2 analytics.google.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 ajax.googleapis.com d2x0atfi55wmqs.cloudfront.net
2 www.googletagmanager.com www.wellness.com
www.googletagmanager.com
1 www.facebook.com connect.facebook.net
1 apis.google.com d2x0atfi55wmqs.cloudfront.net
1 td.doubleclick.net www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 ajax.aspnetcdn.com d2x0atfi55wmqs.cloudfront.net
1 s3.amazonaws.com www.wellness.com
0 www.google.com Failed tpc.googlesyndication.com
46 17

This site contains links to these domains. Also see Links.

Domain
www.soulvibe.com
www.earnware.com
Subject Issuer Validity Valid
*.wellness.com
Amazon RSA 2048 M02		 2024-05-09 -
2025-06-06		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-05-25 -
2025-05-02		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.google-analytics.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2024-06-06 -
2025-06-06		 a year crt.sh
*.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.doubleclick.net
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.apis.google.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-06-28 -
2024-09-26		 3 months crt.sh
tpc.googlesyndication.com
WR2		 2024-08-26 -
2024-11-18		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://www.wellness.com/user/2082484/fynix-io
Frame ID: C5CC184C16BA5B78FBB32029B164121B
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Frame ID: 02C8B84CFEFC512EAFD9FC06D0BB696D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2540724769578549&output=html&h=250&slotname=3724128275&adk=3004187315&adf=1896573041&pi=t.ma~as.3724128275&w=300&abgtt=5&lmt=1726664976&format=300x250&url=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726664976030&bpp=4&bdt=1221&idt=277&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=3189227537130&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=991&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087065%2C44795921%2C95331689%2C95342765%2C31087172%2C95342337&oid=2&pvsid=4422335243812113&tmod=1214714668&uas=0&nvt=1&fc=896&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=329
Frame ID: 1D8F71D282AE15C6C2571BF04D8ABEA6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2540724769578549&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1726664976&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726664976034&bpp=2&bdt=1225&idt=350&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&nras=1&correlator=3189227537130&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087065%2C44795921%2C95331689%2C95342765%2C31087172%2C95342337&oid=2&pvsid=4422335243812113&tmod=1214714668&uas=0&nvt=1&fsapi=1&fc=896&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=371
Frame ID: 33E9E29C11E2D01CF95119E66D9E76AA
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-7FY2CK9MKF&gacid=1370278039.1726664977&gtm=45je4990v9130122815z877934209za200zb77934209&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17335594
Frame ID: E02D1C58557712DFE5928C864DF9A04D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Frame ID: 339F8DD31BE26B1D0344F201C23298EE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Frame ID: 3BFF911FEE7F666D807D710114924FCF
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df83aacdf344da6787%26domain%3Dwww.wellness.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.wellness.com%252Ffcf47929811ba2b6c%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.facebook.com%2Fwellness.com&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Frame ID: 54EF67F945121ED659456263A8B3F456
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C34773786208CDFF19C8F177A8354EDD
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CC24CBADC60BDBF2E47A3F6C4A672C7D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Fynix Io | Wellness.com

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

46
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

17
Subdomains

17
IPs

2
Countries

1184 kB
Transfer

3633 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

46 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request fynix-io
www.wellness.com/user/2082484/ 		40 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/user/2082484/fynix-io
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
da8b9e90024deaa1222a39fc64c82347f4ed0d5e9d8a122cfac0de4726eeebf1
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-cache
content-encoding
gzip
content-length
11639
content-type
text/html; charset=utf-8
date
Wed, 18 Sep 2024 13:09:34 GMT
expires
-1
pragma
no-cache
server
Microsoft-IIS/10.0
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
font-awesome.css
www.wellness.com/fonts/ 		39 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/fonts/font-awesome.css
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
195ae201f68303d749c2394a48149b414c51e726edf7bf9ade473ae52c1bf2f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/user/2082484/fynix-io

Response headers

cache-control
public,max-age=2592000
content-encoding
gzip
accept-ranges
bytes
content-length
7445
date
Wed, 18 Sep 2024 13:09:34 GMT
content-type
text/css
last-modified
Mon, 09 Jan 2017 18:13:08 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
bundled-0F504CF108BA232FF500DCD876CD3B54.css
d2x0atfi55wmqs.cloudfront.net/content/css/cache/ 		274 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
faae84b70ea280c8f8a49040b92d50e1ff59df0f60704c6f3025777ce2f168c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Content-Encoding
gzip
ETag
"8840fe4b11cf50093c6289d07ea0cc6b"
Age
1136975
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
KvHhUkLfYVvkWM8XdCxBr6zkirCt3QNdsKY5_nW7kw0TlEnQ68bQGw==
Date
Thu, 05 Sep 2024 09:20:01 GMT
Content-Type
text/css
Last-Modified
Thu, 28 Sep 2023 00:34:16 GMT
Cache-Control
public,max-age=2592000
Connection
keep-alive
Via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
51439
X-Amz-Cf-Pop
FRA60-P5
Server
AmazonS3
x-amz-server-side-encryption
AES256
scriptloader.min.js
d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
b30a39c2366cff5ca076dbc9f0467e93838ae0987d9fc64db4cc011e61a34b01

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Cache-Control
public,max-age=2592000
Content-Encoding
gzip
Age
2546851
Connection
keep-alive
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
720
X-Amz-Cf-Id
hhN9QgdHxDaq-h0KKVNNZdMOcbkq3Zy_fu1DYdgyf4URSYpexh_4Pg==
Date
Tue, 20 Aug 2024 01:42:03 GMT
Content-Type
application/javascript
Last-Modified
Fri, 09 Oct 2015 15:51:30 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
Vary
Accept-Encoding
spacer.gif
d2x0atfi55wmqs.cloudfront.net/content/images/ 		49 B
519 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/spacer.gif
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Cache-Control
public,max-age=2592000
Age
2450530
Connection
keep-alive
Via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
49
X-Amz-Cf-Id
RfLIKB7YadZIHHO4II3XdGB34fmpUXxsHIWtP6eN63td9fC2Idy4Lg==
Date
Wed, 21 Aug 2024 04:27:25 GMT
Content-Type
image/gif
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
User.2082484.211a15fae76933c47eacd5dcbc54a71c.square200.jpg
s3.amazonaws.com/static.wellness.com/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s3.amazonaws.com/static.wellness.com/User.2082484.211a15fae76933c47eacd5dcbc54a71c.square200.jpg
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.218.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
c1e94e07f5b221b01ff231da5817e2f6915a14925896b1451df3b8e5ee06d5d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

x-amz-id-2
Zc3DpB52pRqpJpVfrvR2sFccGnjilKsBhhG9X0FIbyLC1T60FNbfCCAmRFKlVOVWCMaP7/lR72E=
Cache-Control
max-age=31536000
ETag
"eb97ba3e8f84d8c471fdb3abb185d8b6"
x-amz-request-id
X3XGKQPDDKZEPZQG
Accept-Ranges
bytes
Content-Length
2426
Date
Wed, 18 Sep 2024 13:09:36 GMT
Last-Modified
Mon, 16 Sep 2024 07:28:55 GMT
Content-Type
image/jpeg
Server
AmazonS3
x-amz-server-side-encryption
AES256
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		151 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
cb81612e2087fdf9bf45903370d9e2a6e5da225458a5209ffcd8af130fd06f84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
br
etag
7750348672614534715
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Sep 2024 13:09:35 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
52294
x-xss-protection
0
server
cafe
gtm.js
www.googletagmanager.com/ 		273 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T62ZBJJ
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
28740ae356c31e82799afc4be09ea77e6ec4226ec51b5f3b6b5a516abc495126
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
br
expires
Wed, 18 Sep 2024 13:09:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 13:09:35 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 12:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
98630
x-xss-protection
0
server
Google Tag Manager
spacer.gif
d2x0atfi55wmqs.cloudfront.net/content/images/ 		49 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/spacer.gif
Requested by
Host: www.wellness.com
URL: https://www.wellness.com/user/2082484/fynix-io
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Cache-Control
public,max-age=2592000
Age
2450530
Via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
49
X-Amz-Cf-Id
RfLIKB7YadZIHHO4II3XdGB34fmpUXxsHIWtP6eN63td9fC2Idy4Lg==
Date
Wed, 21 Aug 2024 04:27:25 GMT
Content-Type
image/gif
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
gzip
age
84617
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 13:39:18 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 13:39:18 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
33593
x-xss-protection
0
server
sffe
down-arrow.gif
d2x0atfi55wmqs.cloudfront.net/content/images/www/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/www/down-arrow.gif?r=810E603290C1399BD16F3FD9E6FDFDAC
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
98f7a55ea6991a7a4be66347db9e2fdee0dc6256a1729f75cf294a3ceaec6a75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css

Response headers

Cache-Control
public,max-age=2592000
Age
2451618
Connection
keep-alive
Via
1.1 c9b44fbd4230c7c5b0750a98fbcd9df6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1133
X-Amz-Cf-Id
yEmfIkYs3JKAeZ6w7kfSuspl_vaCXZrbwHaSjTQyfXAqnmbfdofwmw==
Date
Wed, 21 Aug 2024 04:09:17 GMT
Content-Type
image/gif
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
homepage_sprite.png
d2x0atfi55wmqs.cloudfront.net/content/images/www/ 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/www/homepage_sprite.png?r=34BEB3A88FD404F0D19FDFBC027D9065
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
c827cdf72b4de782fd5f7807bb07a125a1fc653452b6b527885f69f87aece15a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css

Response headers

Cache-Control
public,max-age=2592000
Age
2365316
Connection
keep-alive
Via
1.1 ce0a6880f9416cb3a7b5da0d937e47be.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
35107
X-Amz-Cf-Id
v_4aKivrNmyArfWI_-UDkA3TLDCgat0ZnU4tYdHexnXhxZev-l8sTg==
Date
Thu, 22 Aug 2024 04:07:38 GMT
Content-Type
image/png
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
sprite.gif
d2x0atfi55wmqs.cloudfront.net/content/images/www/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/www/sprite.gif?r=8E16BAD91464FBA5FDFBEB933980CF3A
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
feddb727cc59349fefbc9ce78668e8ec9038d3e6b9196caa808267d6af4a567d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://d2x0atfi55wmqs.cloudfront.net/content/css/cache/bundled-0F504CF108BA232FF500DCD876CD3B54.css

Response headers

Cache-Control
public,max-age=2592000
Age
2189532
Connection
keep-alive
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
54958
X-Amz-Cf-Id
fHgkirOKop-ic1Hfn_yxvSpIjmmgfdSipIgItwHH8qjBMJFRmHqIZQ==
Date
Sat, 24 Aug 2024 04:57:23 GMT
Content-Type
image/gif
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.9.1/ 		232 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.9.1/jquery-ui.min.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f10.1e100.net
Software
sffe /
Resource Hash
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
gzip
age
84513
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 13:41:03 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 17 Sep 2024 13:41:03 GMT
last-modified
Fri, 27 Jan 2023 21:54:31 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
62418
x-xss-protection
0
server
sffe
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.11.0/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.0/jquery.validate.min.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.19.160 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C3B) /
Resource Hash
30817cd840a829ad5272e7e87e0b6bca67c263065c76422ba418d790e19cf6b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
gzip
etag
"555e9770d033d21:0"
age
15330380
x-content-type-options
nosniff
x-cache
HIT
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
application/javascript
last-modified
Mon, 31 Oct 2016 23:42:28 GMT
vary
Accept-Encoding
cache-control
public,max-age=31536000
timing-allow-origin
*
accept-ranges
bytes
access-control-allow-origin
*
content-length
7817
x-xss-protection
1; mode=block
server
ECAcc (mil/6C3B)
wellness-E391D1521AE47D8EBDB3C2A228696CBA.js
d2x0atfi55wmqs.cloudfront.net/content/js/cache/ 		1 MB
313 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/js/cache/wellness-E391D1521AE47D8EBDB3C2A228696CBA.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
75932f4e77243c6760aba7fc543bebbec6beca49d9f7b8c8cf804131dc8b6b0e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Content-Encoding
gzip
ETag
"5f00d7e039cdedd99b5d44f2cdce6827"
Age
2522737
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
OBneNXdAYOztHPJ-u5Tf3m_OGPqOm5haCyQ_TkBxHe96BJByKTltyw==
Date
Tue, 20 Aug 2024 08:24:00 GMT
Content-Type
application/x-javascript
Last-Modified
Mon, 08 Jan 2024 22:15:51 GMT
Cache-Control
public,max-age=2592000
Connection
keep-alive
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
320146
X-Amz-Cf-Pop
FRA60-P5
Server
AmazonS3
x-amz-server-side-encryption
AES256
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 		415 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
7062fac18b1ade73639a38da79fa1f50cc5964cf1ba30f3c7b9811b24102dadd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
br
etag
7013276020701990660
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:09:36 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
142819
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		265 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7FY2CK9MKF&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T62ZBJJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.200 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b7787eef5f0fd8293705a59982fa63b8fc9c95360f4023d15c0d8c7a932e33e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Wed, 18 Sep 2024 13:09:36 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94522
date
Wed, 18 Sep 2024 13:09:36 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T62ZBJJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
6199
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:26:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Wed, 18 Sep 2024 11:26:17 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/ Frame 02C8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
83088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 14:04:49 GMT
etag
14908419571193397619
expires
Tue, 01 Oct 2024 14:04:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1D8F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2540724769578549&output=html&h=250&slotname=3724128275&adk=3004187315&adf=1896573041&pi=t.ma~as.3724128275&w=300&abgtt=5&lmt=1726664976&format=300x250&url=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726664976030&bpp=4&bdt=1221&idt=277&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&correlator=3189227537130&frm=20&pv=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=991&ady=185&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087065%2C44795921%2C95331689%2C95342765%2C31087172%2C95342337&oid=2&pvsid=4422335243812113&tmod=1214714668&uas=0&nvt=1&fc=896&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=329
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44543
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 13:09:37 GMT
expires
Wed, 18 Sep 2024 13:09:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 33E9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2540724769578549&output=html&adk=1812271804&adf=3025194257&abgtt=5&lmt=1726664976&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&pra=7&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aifxl=29_18~30_19&aiixl=29_5~30_6&aslmct=0.7&asamct=0.7&aiepr=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1726664976034&bpp=2&bdt=1225&idt=350&shv=r20240916&mjsv=m202409120101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=300x250&nras=1&correlator=3189227537130&frm=20&pv=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31087065%2C44795921%2C95331689%2C95342765%2C31087172%2C95342337&oid=2&pvsid=4422335243812113&tmod=1214714668&uas=0&nvt=1&fsapi=1&fc=896&brdim=660%2C660%2C660%2C660%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=371
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
75159
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 13:09:37 GMT
expires
Wed, 18 Sep 2024 13:09:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7FY2CK9MKF&gtm=45je4990v9130122815z877934209za200zb77934209&_p=1726664974836&_gaz=1&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1370278039.1726664977&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_s=1&sid=1726664976&sct=1&seg=0&dl=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&dt=Fynix%20Io%20%7C%20Wellness.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2339
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FY2CK9MKF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wellness.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7FY2CK9MKF&cid=1370278039.1726664977&gtm=45je4990v9130122815z877934209za200zb77934209&aip=1&dma=0&gcd=13l3l3l3l1l1&npa=0&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FY2CK9MKF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.168.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
wh-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wellness.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame E02D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-7FY2CK9MKF&gacid=1370278039.1726664977&gtm=45je4990v9130122815z877934209za200zb77934209&dma=0&gcd=13l3l3l3l1l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=0&z=17335594
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FY2CK9MKF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 18 Sep 2024 13:09:37 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
inline-A0C175D8DADF95CBAFFD4EA3DF1D805C.js
d2x0atfi55wmqs.cloudfront.net/content/js/cache/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/js/cache/inline-A0C175D8DADF95CBAFFD4EA3DF1D805C.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/lib-scriptloader/src/scriptloader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
52f5643c3a463a9052d9f6e8ba446351a4da3b37de9d07e105d42aea3aa20286

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Content-Encoding
gzip
ETag
"afee0ebeb5174b0528f9e855248969fb"
Age
2273146
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
7P6Yh_6UGTBaRDUTJNW6uctBR9Jv2irLzuP3NTVWgQgMn67-6sDPUA==
Date
Fri, 23 Aug 2024 05:43:51 GMT
Content-Type
application/x-javascript
Last-Modified
Thu, 28 Sep 2023 00:34:20 GMT
Cache-Control
public,max-age=2592000
Connection
keep-alive
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
8062
X-Amz-Cf-Pop
FRA60-P5
Server
AmazonS3
x-amz-server-side-encryption
AES256
published
www.wellness.com/api/blogs/user/2082484/ 		127 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/api/blogs/user/2082484/published
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4f7c4febff2d7fe3a055155be65d3902b201b95b1cabb2e224c7d74a6d8c4bd1

Request headers

Referer
https://www.wellness.com/user/2082484/fynix-io
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

cache-control
private
content-length
203
content-encoding
gzip
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
2082484
www.wellness.com/api/goals/user/ 		127 B
357 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/api/goals/user/2082484
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
4f7c4febff2d7fe3a055155be65d3902b201b95b1cabb2e224c7d74a6d8c4bd1

Request headers

Referer
https://www.wellness.com/user/2082484/fynix-io
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Content-Type
application/json

Response headers

cache-control
private
content-length
203
content-encoding
gzip
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
loggedinuser
www.wellness.com/api/users/ 		2 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/api/users/loggedinuser?_=1726664976724
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.wellness.com/user/2082484/fynix-io
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01

Response headers

cache-control
private
content-length
123
content-encoding
gzip
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
newsletter
www.wellness.com/api/ 		2 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/api/newsletter?displayType=modal
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126

Request headers

Referer
https://www.wellness.com/user/2082484/fynix-io
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

cache-control
private
content-length
122
content-encoding
gzip
date
Wed, 18 Sep 2024 13:09:36 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
platform.js
apis.google.com/js/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/cache/wellness-E391D1521AE47D8EBDB3C2A228696CBA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
sffe /
Resource Hash
22d0948c57c1f12a42f1b03dca7637551c0dd7e68dc6b10f9a473b53290af6af
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
gzip
etag
"1e01b1b59e18aaa9"
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:09:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
text/javascript
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cache-control
private, max-age=1800, stale-while-revalidate=1800
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="gapi-team"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
24118
x-xss-protection
0
server
sffe
sdk.js
connect.facebook.net/en_US/ 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: d2x0atfi55wmqs.cloudfront.net
URL: https://d2x0atfi55wmqs.cloudfront.net/content/js/cache/wellness-E391D1521AE47D8EBDB3C2A228696CBA.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
6f865f3b78c2311e54b5f60162947b813138fd1a048c1d115ae8a16c0e1a237e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-md5
X4AF4577bA6REHXAp0+FEA==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"392c55b3d1c2ac49c43662a2c043698a"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:23:48 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
2df66363d64c8f02ed408e191963b715
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=15, mss=1288, tbw=2919, tp=-1, tpl=-1, uplat=1, ullat=-1
x-fb-debug
rQhNw5WhSaFLat5x+LWDN6GTcDXid68WK0tFSYYrQNkw+cmNf4KIygOSrhhI/HxipZRkOTgMBgBY7hDNkfU+Cw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
1685
origin-agent-cluster
?0
newsletter
www.wellness.com/api/ 		10 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wellness.com/api/newsletter?displayType=bottom
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.208.98.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-208-98-117.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
6daf3da6814184f4f02bc11229fdd68f078dc50781a7b94025971e7769f7ee8f

Request headers

Referer
https://www.wellness.com/user/2082484/fynix-io
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/json

Response headers

cache-control
private
content-length
2124
content-encoding
gzip
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Microsoft-IIS/10.0
collect
www.google-analytics.com/j/ 		3 B
209 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1450015968&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&ul=it-it&de=UTF-8&dt=Fynix%20Io%20%7C%20Wellness.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1164831602&gjid=962766676&cid=1370278039.1726664977&tid=UA-2097165-1&_gid=543652691.1726664977&_r=1&_slc=1&gtm=45He4990n81T62ZBJJv77934209za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=0&z=590471799
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://www.wellness.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wellness.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Wed, 18 Sep 2024 13:09:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
sdk.js
connect.facebook.net/en_US/ 		283 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=1abc3e797b8fe710e9e5c2dc19f3cede
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
f9c6118af684ed279f263d574738ad60bb09e394f1104ebbd047189265f1dc0c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.wellness.com
Referer
https://www.wellness.com/

Response headers

content-md5
kXMI7fnnEcZFrLv0k1In8w==
access-control-expose-headers
X-FB-Content-MD5
content-encoding
gzip
etag
"d401229f9a8a94a23703f28fafa4bbbb"
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Thu, 18 Sep 2025 11:11:06 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 13:09:38 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-content-md5
d5ce809113368508acaef633f857e1d8
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=19, rtx=0, c=16, mss=1288, tbw=2919, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
U/46iwpoMwHuhfpjIt275/Ygwd3g3hglze9Sdl+4w36sbW7aL2W55dqUtSY11tEFCiXWh89l6XOncOFP+3tvRw==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
access-control-allow-origin
*
content-length
82572
origin-agent-cluster
?0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/ 		172 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/reactive_library_fy2021.js?bust=31087172
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
3049f602cc4dd022241d031726d5a817a4a3f2ed901514ea9429f50d2ca47950
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
br
etag
10641854096758963530
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:09:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Wed, 18 Sep 2024 13:09:37 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
59171
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/ Frame 339F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
83088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 14:04:49 GMT
etag
14908419571193397619
expires
Tue, 01 Oct 2024 14:04:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/ Frame 3BFF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240916/r20110914/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age
83088
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4126
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 14:04:49 GMT
etag
14908419571193397619
expires
Tue, 01 Oct 2024 14:04:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240916&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil07s07-in-f2.1e100.net
Software
cafe /
Resource Hash
59257e0c810c651c4556b5b8bba8239ff2738d15ac718058913e316b55c43f18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12922
date
Wed, 18 Sep 2024 13:09:40 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
like.php
www.facebook.com/v2.12/plugins/ Frame 54EF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.12/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df83aacdf344da6787%26domain%3Dwww.wellness.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.wellness.com%252Ffcf47929811ba2b6c%26relation%3Dparent.parent&container_width=90&href=https%3A%2F%2Fwww.facebook.com%2Fwellness.com&layout=button_count&locale=en_US&sdk=joey&share=false&show_faces=false&width=100
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=1abc3e797b8fe710e9e5c2dc19f3cede
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.252.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-fra3.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html;charset=utf-8
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
date
Wed, 18 Sep 2024 13:09:40 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7415969621138381856"}]}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7415969621138381856"
x-content-type-options
nosniff
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=10, mss=1288, tbw=2761, tp=-1, tpl=-1, uplat=29, ullat=0
x-fb-debug
cT+gr7lGr+5fdUVswocqQCdu36PDhOvsW/U2qqGEmEYwYTTSqPWPCC09vjEddA2pCa2riz7GijtMschPDeAnag==
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202409120101/show_ads_impl_fy2021.js?bust=31087172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

content-encoding
gzip
etag
"1637097310169751"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 13:09:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 13:09:40 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6386
x-xss-protection
0
server
sffe
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C347 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.wellness.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
86123
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 17 Sep 2024 13:14:17 GMT
expires
Wed, 17 Sep 2025 13:14:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CC24 		0
0
wellnessfavicon.ico
d2x0atfi55wmqs.cloudfront.net/content/images/www/ 		1 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d2x0atfi55wmqs.cloudfront.net/content/images/www/wellnessfavicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.245.62.138 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-62-138.fra60.r.cloudfront.net
Software
Microsoft-IIS/10.0 /
Resource Hash
d61c7114afba6ca22382b57f90cf1d3d0ddd5a85ba6f34181dd68ada04d572cc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.wellness.com/

Response headers

Cache-Control
public,max-age=2592000
Age
1510441
Connection
keep-alive
Via
1.1 79a075303cab256e952b4b0679e1182c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
X-Cache
Hit from cloudfront
Content-Length
1150
X-Amz-Cf-Id
5xkmqy5GbJr7qg8pKzieaNUfxE5fxNAvZEUA6DLK_ab-i7FiEsNmkA==
Date
Sun, 01 Sep 2024 01:35:40 GMT
Content-Type
image/x-icon
Last-Modified
Fri, 09 Oct 2015 15:51:28 GMT
Server
Microsoft-IIS/10.0
X-Amz-Cf-Pop
FRA60-P5
sodar
pagead2.googlesyndication.com/pagead/ 		0
0
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-7FY2CK9MKF&gtm=45je4990v9130122815za200zb77934209&_p=1726664974836&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=0&cid=1370278039.1726664977&ul=it-it&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=AEI&sid=1726664976&sct=1&seg=0&dl=https%3A%2F%2Fwww.wellness.com%2Fuser%2F2082484%2Ffynix-io&dt=Fynix%20Io%20%7C%20Wellness.com&_s=2&tfd=9971
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7FY2CK9MKF&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f14.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://www.wellness.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://www.wellness.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Wed, 18 Sep 2024 13:09:44 GMT
content-type
text/plain
server
Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240916&jk=4422335243812113&bg=!8fKl8r3NAAbpMHvgyTA7ADQBe5WfODrHDfudHAXBrF4wCNIwBf2xMRu7qyKIcGzlnYrLaZA9Qn-xb9zOJFcT1DIFhhodAgAAAFNSAAAADWgBB34ANhxJ1G_owk7cdgwBYftpKrgUEugBfX5KIjijFMCJOzA0pHHpL0QmN10731bnCp4phC3WPzld6QoAayI9JBLfn6nLhjLZEVBKXdQnDIS4Gj3aSA0TxXT0w7nF9k_csKWge7HZsTJdn5epknfIu6hD8AiZvd3a7UbL6GK75bdFHsTTUNtn-htQFYRYYI4m-i7Q_nKvAKGlUdnX0i9RuzT7dGSc_Dn0mQKbDTtcefUSJzhQ7yRXuoW-CjW2Ix66BeZz8oGnZ_d0iKCM6_if0wW9UESmtQtsrV-bK6ICvjC9niRx-AAInwtMpZh2PvdfTaoKWotFhLopuA7eEYc2Iahl3ysJvlnqi6faY3azwfaIWmUtP2Hiyus7JJpwS6p78qY8KNb7KxFoNX9xa3B2CBak4Bp2vZXdCZm0dnFuz31Z_QluMUTRD24d1CdZXucZr3EeLQ8kDEnerquybiv1pdgOpKgj-MryXYRJFGc0noufEbP2iy8JxNkJvmO6ZLz-HhTNSihHMS1kBL0PuUBy_kc5u5wdWYzEXWWWH5Bm-QPxxdwGuqoxTfdY9HncOUoToLslEjH2beFlBtpat2ddRAvw9ntloJmtrLKDJ34N2uj6wJH4A9sdpiG3mP8JM1iUQDgCCidFkM5dqAryW1pbXWrRvqUss3Ic8qo7431XfZpE0HvU5M6aJvag7CLqUVN1v31Ssot71sRRWNMIrCZ-Lqy343Euih_Gh7EymyfSZSfkJx8DiKctvOw-rVVxsUEZ0d7TcYHsbBWoknWhO6AAaFE52Ep_aXZeJMW9rEuD1Nwe_vlUUXzd9AQRUSBRbbKtbqt40piY3TkmvlQsi2vrVQcMtAquFmtBb2QcnuD16nI0OJW7zoHpMWor3l6QyOTjaYYreXHJKwE_b0bTiHRax7HAuy7jMFI6jmtKb-qiEf6KIuJlUviVlPl2ePc2cie093__V3DAw8PoZl64lA43DSByokqc5Lrf4klM2djhxdvdoID3Zj0HQbXjYPjlayP8L3ryDkhXUU-UPmPffn7JMPCzoNnW-J4PBTnZ-McPtNtV3JnSeYJFgPvt2xkI-4hNVQrSzaKdt6LzDEWW4EHJ5PUCdl21gA

Verdicts & Comments Add Verdict or Comment

140 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| dataLayer object| ScriptLoader object| adsbygoogle function| onReady function| initBlogs function| initGoals function| getUserDetails function| initUserMenu function| initNewsletterModalLauncher function| _onReady function| initIframeBreakOut function| initMyAccountMenu function| initUserWelcomeMessage function| initUserLogout function| initPrintables object| coreBundle object| scriptsBundle object| inlineBundle object| addthis_config object| addthis_share function| $ function| jQuery object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue object| google_ad_modifications object| ggeac object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| DP_jQuery_1726664976133 function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| gaGlobal object| CategoryType object| MergeTemplateType function| initMergeDocumentEdit function| initMergeDocumentEvents function| initMergeDocumentSearchBoxes function| getBaseSearchUrl function| getSearchResultListItem function| getAddListItem function| getCategoryListItem function| getCategoryMergeDocuments function| initCategoryChange function| hasCategoryMergeDocuments function| removeCategoryMergeDocuments function| loadCategoryMergeDocuments function| stripHtml object| MergeDocumentType function| initPhotoRemove object| _templateUriCache function| UrlBase function| _typeof function| _possibleConstructorReturn function| _getPrototypeOf function| _assertThisInitialized function| _inherits function| _setPrototypeOf function| _classCallCheck function| _defineProperties function| _createClass function| __guard__ function| __guardMethod__ function| Emitter function| Dropzone function| without function| camelize function| contentLoaded function| detectVerticalSquash function| drawImageIOSFix function| ExifRestore function| SWFUpload function| fileQueued function| fileQueueError function| fileDialogComplete function| uploadStart function| uploadProgress function| uploadSuccess function| uploadError function| uploadComplete function| queueComplete function| FileProgress function| setformfieldsize object| thresholdcolors object| uncheckedkeycodes function| PollQuestionValidator function| ProviderFormValidator function| ProviderMessageBuilder object| PackageType object| DayOfWeek object| VirtualProviderCategoryIds object| _cache_routes function| cssbeautify function| diff_match_patch number| DIFF_DELETE number| DIFF_INSERT function| LeafletDirections object| jQuery1830912920657528216 object| Modal function| QuestionProvider function| StatisticsProvider object| _legacy_cache object| _cache function| QuestionMessageBuilder number| mce-data-1i82k1a5s object| tinyMCE object| tinymce object| gaplugins object| gaData object| FB object| gapi object| ___jsl object| google_llp object| __buffer object| GoogleGcLKhOms

14 Cookies

Domain/Path Name / Value
www.wellness.com/ Name: __RequestVerificationToken
Value: 6i7uXUbxspnFwRfJmFwOdblm9Sgm5Y3oa1W4zRA_XLwS-IdVRozBoF7EqITZ9E2ILF7vKXytgojdwRsAgSD1Ayg0WsY1
.wellness.com/ Name: _gcl_au
Value: 1.1.493224269.1726664976
.wellness.com/ Name: _ga
Value: GA1.2.1370278039.1726664977
.wellness.com/ Name: _gid
Value: GA1.2.543652691.1726664977
.wellness.com/ Name: _gat_UA-2097165-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnXtJ5GptQqOOqFiUhwdiVfezNXocTIDxKmeK2o79fa54VUYYdG42Yn5mXsmbk
.doubleclick.net/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.wellness.com/ Name: __gads
Value: ID=863ce1f80a01992a:T=1726664977:RT=1726664977:S=ALNI_MZ68DFlH8-qzCl5z0yPAcbzpaGXSA
.wellness.com/ Name: __gpi
Value: UID=00000ef20282b80b:T=1726664977:RT=1726664977:S=ALNI_MaWvDri8T3pRpfDTCZblhvyapTH6Q
.wellness.com/ Name: __eoi
Value: ID=97b062867623fd55:T=1726664977:RT=1726664977:S=AA-AfjZhmFHshcZs6gUBz5wX7P0C
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.wellness.com/ Name: _ga_7FY2CK9MKF
Value: GS1.1.1726664976.1.0.1726664979.57.0.0
.doubleclick.net/ Name: APC
Value: AfxxVi4DyVFdI5BmCJtEc3Wio6jq1U_b6WV_WRmGmbSdSvypyRDT1Q

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.aspnetcdn.com
ajax.googleapis.com
analytics.google.com
apis.google.com
connect.facebook.net
d2x0atfi55wmqs.cloudfront.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s3.amazonaws.com
stats.g.doubleclick.net
td.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.wellness.com
pagead2.googlesyndication.com
www.google.com
142.250.181.225
142.250.184.238
142.250.185.130
142.250.185.162
142.250.185.234
142.250.185.238
142.250.74.200
142.251.168.157
152.199.19.160
157.240.252.13
157.240.252.35
172.217.18.14
18.245.62.138
216.58.206.34
44.208.98.117
52.216.218.16
12ae32cb1ec02d01eda3581b127c1fee3b0dc53572ed6baf239721a03d82e126
195ae201f68303d749c2394a48149b414c51e726edf7bf9ade473ae52c1bf2f3
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
22d0948c57c1f12a42f1b03dca7637551c0dd7e68dc6b10f9a473b53290af6af
28740ae356c31e82799afc4be09ea77e6ec4226ec51b5f3b6b5a516abc495126
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3049f602cc4dd022241d031726d5a817a4a3f2ed901514ea9429f50d2ca47950
30817cd840a829ad5272e7e87e0b6bca67c263065c76422ba418d790e19cf6b2
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4f7c4febff2d7fe3a055155be65d3902b201b95b1cabb2e224c7d74a6d8c4bd1
51eccd74b04b65a1bf62845caf8f08ebc82bf296f98324c133e762e4ff29eadf
52f5643c3a463a9052d9f6e8ba446351a4da3b37de9d07e105d42aea3aa20286
59257e0c810c651c4556b5b8bba8239ff2738d15ac718058913e316b55c43f18
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6daf3da6814184f4f02bc11229fdd68f078dc50781a7b94025971e7769f7ee8f
6f865f3b78c2311e54b5f60162947b813138fd1a048c1d115ae8a16c0e1a237e
7062fac18b1ade73639a38da79fa1f50cc5964cf1ba30f3c7b9811b24102dadd
75932f4e77243c6760aba7fc543bebbec6beca49d9f7b8c8cf804131dc8b6b0e
98f7a55ea6991a7a4be66347db9e2fdee0dc6256a1729f75cf294a3ceaec6a75
b30a39c2366cff5ca076dbc9f0467e93838ae0987d9fc64db4cc011e61a34b01
b7787eef5f0fd8293705a59982fa63b8fc9c95360f4023d15c0d8c7a932e33e8
c1e94e07f5b221b01ff231da5817e2f6915a14925896b1451df3b8e5ee06d5d9
c827cdf72b4de782fd5f7807bb07a125a1fc653452b6b527885f69f87aece15a
cb81612e2087fdf9bf45903370d9e2a6e5da225458a5209ffcd8af130fd06f84
d61c7114afba6ca22382b57f90cf1d3d0ddd5a85ba6f34181dd68ada04d572cc
da8b9e90024deaa1222a39fc64c82347f4ed0d5e9d8a122cfac0de4726eeebf1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9c6118af684ed279f263d574738ad60bb09e394f1104ebbd047189265f1dc0c
faae84b70ea280c8f8a49040b92d50e1ff59df0f60704c6f3025777ce2f168c7
feddb727cc59349fefbc9ce78668e8ec9038d3e6b9196caa808267d6af4a567d