itworks.com Open in urlscan Pro
104.18.16.131 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.bskinnywrap.com/
Effective URL:
https://itworks.com/
Submission: On July 01 via api (July 1st 2024, 4:53:51 pm UTC) from US — Scanned from DE

Summary HTTP 174 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 4 countries across 17 domains to perform 174 HTTP transactions. The main IP is 104.18.16.131, located in and belongs to CLOUDFLARENET, US. The main domain is itworks.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.

This is the only time itworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	15.197.225.128 15.197.225.128	16509 (AMAZON-02) (AMAZON-02)
1 1	2606:4700::68... 2606:4700::6812:1179	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 66	104.18.16.131 104.18.16.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	142.250.185.106 142.250.185.106	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
4	151.101.194.217 151.101.194.217	54113 (FASTLY) (FASTLY)
6	104.18.17.131 104.18.17.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	3.212.118.41 3.212.118.41	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:1079	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
2	216.239.34.36 216.239.34.36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:1183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:225... 2600:9000:225b:8800:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a04:4e42:400... 2a04:4e42:400::347	54113 (FASTLY) (FASTLY)
1	2a04:4e42:200... 2a04:4e42:200::644	54113 (FASTLY) (FASTLY)
15	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
1	142.250.186.99 142.250.186.99	15169 (GOOGLE) (GOOGLE)
174	25

1 15.197.225.128 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

www.bskinnywrap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1179 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bmoochler.myitworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

66 104.18.16.131 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

bmoochler.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cmsproxy.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.194.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.17.131 (None, )

ASN13335 (CLOUDFLARENET, US)

services.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.212.118.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-118-41.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1079 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myitworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.239.34.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1183 (United States)

ASN13335 (CLOUDFLARENET, US)

cmsproxy.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:8800:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

d20519brkbo4nz.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a04:4e42:400::347 (United States)

ASN54113 (FASTLY, US)

assets-us-01.kc-usercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets-us-01.kc-usercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
74	itworks.com 1 redirects bmoochler.itworks.com services.itworks.com cmsproxy.itworks.com itworks.com	1 MB
36	kc-usercontent.com assets-us-01.kc-usercontent.com — Cisco Umbrella Rank: 60311	2 MB
9	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 790 events.launchdarkly.com — Cisco Umbrella Rank: 823 clientstream.launchdarkly.com — Cisco Umbrella Rank: 854	7 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 71 region1.google-analytics.com — Cisco Umbrella Rank: 2355	21 KB
5	gstatic.com fonts.gstatic.com	69 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 81	189 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 406	146 KB
2	luckyorange.com settings.luckyorange.com — Cisco Umbrella Rank: 15051	239 B
2	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1073	7 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	29 KB
2	myitworks.com 1 redirects bmoochler.myitworks.com static.myitworks.com	1 KB
1	wistia.com fast.wistia.com — Cisco Umbrella Rank: 6775	134 KB
1	cloudfront.net d20519brkbo4nz.cloudfront.net	5 KB
1	google.de www.google.de — Cisco Umbrella Rank: 8088	63 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136	258 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3125
1	bskinnywrap.com 1 redirects www.bskinnywrap.com	171 B
174	17

	Domain	Requested by
40	bmoochler.itworks.com	1 redirects bmoochler.itworks.com static.cloudflareinsights.com
36	assets-us-01.kc-usercontent.com
22	cmsproxy.itworks.com	bmoochler.itworks.com
6	itworks.com	bmoochler.itworks.com itworks.com
6	services.itworks.com	bmoochler.itworks.com
5	fonts.gstatic.com	bmoochler.itworks.com itworks.com
4	events.launchdarkly.com	bmoochler.itworks.com
4	app.launchdarkly.com	bmoochler.itworks.com
4	region1.google-analytics.com	www.googletagmanager.com bmoochler.itworks.com
4	www.googletagmanager.com	bmoochler.itworks.com www.googletagmanager.com itworks.com
4	maps.googleapis.com	bmoochler.itworks.com maps.googleapis.com itworks.com
2	settings.luckyorange.com	bmoochler.itworks.com
2	www.google-analytics.com	bmoochler.itworks.com itworks.com
2	static.cloudflareinsights.com	bmoochler.itworks.com itworks.com
2	code.jquery.com	bmoochler.itworks.com itworks.com
1	fast.wistia.com	bmoochler.itworks.com
1	d20519brkbo4nz.cloudfront.net	bmoochler.itworks.com
1	www.google.de
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	bmoochler.itworks.com
1	clientstream.launchdarkly.com
1	static.myitworks.com
1	bmoochler.myitworks.com	1 redirects
1	www.bskinnywrap.com	1 redirects
174	24

This site contains no links.

Subject Issuer	Validity	Valid
itworks.com Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
*.google-analytics.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.gstatic.com WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-05-22` - `2025-06-21`	a year	crt.sh
myitworks.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-08-09` - `2024-09-05`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.google.de WR2	`2024-06-13` - `2024-09-05`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
settings.luckyorange.com R3	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.kc-usercontent.com R11	`2024-06-16` - `2024-09-14`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://itworks.com/
Frame ID: F7E2A8CD7D5BDFCCCDCD0BC58B6A5160
Requests: 156 HTTP requests in this frame

Frame: https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
Frame ID: EF88BE93354F07D068151BB6D94835EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

It Works!

Page URL History Show full URLs

https://www.bskinnywrap.com/ HTTP 301
http://bmoochler.myitworks.com/ HTTP 307
https://bmoochler.myitworks.com/ HTTP 302
https://bmoochler.itworks.com/ Page URL
https://itworks.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

85 %
HTTPS

54 %
IPv6

17
Domains

24
Subdomains

25
IPs

4
Countries

3853 kB
Transfer

13114 kB
Size

12
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.bskinnywrap.com/ HTTP 301
http://bmoochler.myitworks.com/ HTTP 307
https://bmoochler.myitworks.com/ HTTP 302
https://bmoochler.itworks.com/ Page URL
https://itworks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://www.bskinnywrap.com/ HTTP 301
http://bmoochler.myitworks.com/ HTTP 307
https://bmoochler.myitworks.com/ HTTP 302
https://bmoochler.itworks.com/

Request Chain 21

https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

174 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

/ Show response
bmoochler.itworks.com/
Redirect Chain

https://www.bskinnywrap.com/
http://bmoochler.myitworks.com/
https://bmoochler.myitworks.com/
https://bmoochler.itworks.com/

18 KB
5 KB

520ms
474ms

Document
text/html

104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

657a376684bdff0b5813e13faaea9b3eda796d2b5070c9f50ec991975d10c642

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 89c7e9fdcd509186-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 16:53:45 GMT
last-modified: Mon, 01 Jul 2024 10:37:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 89c7e9f93eda6949-FRA
Cache-Control: private
Connection: keep-alive
Content-Type: text/html; Charset=utf-8
Date: Mon, 01 Jul 2024 16:53:45 GMT
Server: cloudflare
Transfer-Encoding: chunked
location: https://bmoochler.itworks.com
x-frame-options: SAMEORIGIN

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 76ms
22ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5708982
x-cache: MISS, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-fra-etou8220143-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1719852826.786453,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 132992

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 213 KB
73 KB 112ms
53ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ea5ac8e9e026edd0a66a6bd6c13075338afbe94969555ae73dfabd18ba49f462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74244
x-xss-protection: 0

GET
H3 200 runtime.c1abea0f261abd32.js Show response
bmoochler.itworks.com/portal/ 3 KB
2 KB 493ms
492ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/runtime.c1abea0f261abd32.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c01e01463c10a44f0dba00d3f2bcb523465a6f26a2dda16eb4275d5a1a4ea337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"dda-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea00d9a79186-FRA
expires: Mon, 01 Jul 2024 20:53:46 GMT

GET
H3 200 polyfills.82a2842c2492498d.js Show response
bmoochler.itworks.com/portal/ 69 KB
25 KB 645ms
644ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"112bc-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea00d9ac9186-FRA
expires: Mon, 01 Jul 2024 20:53:46 GMT

GET
H3 200 scripts.2a1e351c7b378688.js Show response
bmoochler.itworks.com/portal/ 123 KB
45 KB 623ms
622ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/scripts.2a1e351c7b378688.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"1ea63-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea01eae49186-FRA
expires: Mon, 01 Jul 2024 20:53:46 GMT

GET
H3 200 main.9c030feea479381c.js Show response
bmoochler.itworks.com/portal/ 3 MB
738 KB 675ms
675ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/main.9c030feea479381c.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

58073040e882e3a498ce06e9d45ce30fa290cf830adda0e894437fecbceac867

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"2e81ad-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea00d9ad9186-FRA
expires: Mon, 01 Jul 2024 20:53:46 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 131ms
85ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89c7ea022edf9000-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
83 KB 107ms
57ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73c546420270cd8a3b7c1ecd8c0b63ef802be99d3698bb5eef3123db8772ba5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84457
x-xss-protection: 0
last-modified: Mon, 01 Jul 2024 15:09:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 01 Jul 2024 16:53:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 134ms
21ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 01 Jul 2024 16:29:07 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 01 Jul 2024 18:29:07 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 84ms
43ms XHR
application/json 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bmoochler.itworks.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 styles.dd8bbc58b4c4c29e.css
bmoochler.itworks.com/portal/ 1 MB
129 KB 817ms
817ms Stylesheet
text/css 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ff32dc5c259b37808e656bcd44ccc91cb197f435678f5724dd3805d9a5ec5207

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"11952c-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea01eae89186-FRA
expires: Mon, 01 Jul 2024 20:53:46 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
46 KB 126ms
23ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 01:28:58 GMT
x-content-type-options: nosniff
age: 401088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 01:28:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
106 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90080c299281057c88f1e251f84b4c0926bea1f22259f18af2feda2a6d3a9c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jul 2024 16:53:46 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 79ms
30ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587z879783485za200zb79783485&_p=1719852825727&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1345233430.1719852826&ecid=1364245132&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1719852826&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2015&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame 0
0 124ms
38ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 01 Jul 2024 16:53:47 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1719852828.572658,VS0,VE1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame 0
0 120ms
39ms Preflight 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Mon, 01 Jul 2024 16:53:47 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1719852828.572639,VS0,VE1

GET
H3 200 level Show response
bmoochler.itworks.com/api/log/ 20 B
216 B 139ms
139ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log/level
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 89c7ea0bbf549186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 20

GET
H3 200 countries Show response
services.itworks.com/countries/v1/ 3 KB
914 B 272ms
219ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countries

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: 092cded0-7aaa-4fdb-b2ae-fb263cad415e
date: Mon, 01 Jul 2024 16:53:47 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Mon, 01 Jul 2024 16:53:47 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 89c7ea0c19b09107-FRA
expires: Mon, 01 Jul 2024 20:53:47 GMT

GET
H2 200 5bb3bd847387e1367e01ff04 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 25ms
23ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish
date: Mon, 01 Jul 2024 16:53:47 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220020-FRA
x-timer: S1719852828.615734,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0 Show response
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 42 KB
6 KB 34ms
32ms XHR
application/json 151.101.194.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 741eb6b4cfc8e36ad4bfda4588bb37e9d99b73447f1de662a3f90fafdf8d310e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 5803
x-served-by: cache-fra-etou8220035-FRA, cache-fra-etou8220020-FRA
x-timer: S1719852828.615844,VS0,VE2
etag: "166dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

GET
H3

200

main.js Show response
bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/ Frame EF88
Redirect Chain

https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

8 KB
4 KB

37ms
36ms

Script
application/javascript

104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js

Protocol

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41fdc796dda3d663b3c9b84d6cca814692c15ed3eb33bc5f44f425e99ec93392

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 89c7ea0c1fcd9186-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Mon, 01 Jul 2024 16:53:47 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/d2a97f6b6ec9/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 89c7ea0bdf759186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/diagnostic/ 0
358 B 115ms
114ms XHR
application/json 3.212.118.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.212.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-118-41.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame 0
0 364ms
114ms Preflight 3.212.118.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.212.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-118-41.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 01 Jul 2024 16:53:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 35ms
33ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587za200zb79783485&_p=1719852825727&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1345233430.1719852826&ecid=1364245132&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=2&sid=1719852826&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=8&tfd=3332&_z=fetch
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 rum Show response
bmoochler.itworks.com/cdn-cgi/ 0
145 B 42ms
42ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/cdn-cgi/rum?

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://bmoochler.itworks.com
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 89c7ea0c0fbb9186-FRA

GET
H/1.1 200
OK favicon.svg
static.myitworks.com/themes/rws-v3/images/ 841 B
1 KB 179ms
62ms Other
image/svg+xml 2606:4700::6812:1079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 01 Jul 2024 16:53:47 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 7150
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 01 Mar 2023 19:06:35 GMT
Server: cloudflare
ETag: W/"28dcb8f1704cd91:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=14400
CF-RAY: 89c7ea0cdd4d1a49-FRA
Access-Control-Allow-Headers: Content-Type,Authorization
Expires: Mon, 01 Jul 2024 20:53:47 GMT

POST
H3 200 89c7e9fdcd509186 Show response
bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame EF88 0
401 B 85ms
68ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/cdn-cgi/challenge-platform/h/g/jsd/r/89c7e9fdcd509186
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
server: cloudflare
cf-ray: 89c7ea0d191e9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

POST
H3 200 log Show response
bmoochler.itworks.com/api/ 0
157 B 169ms
168ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea0d19219186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 bag Show response
bmoochler.itworks.com/ajax/ 1 KB
917 B 1126ms
1125ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/ajax/bag

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aefe05dad3bf2ed612f050eba77be4a5c0ff39266e5aa48da9e55c5d4e5272f7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iwgtime: 7/1/2024 11:53:48 AM
pragma: no-cache
date: Mon, 01 Jul 2024 16:53:48 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; Charset=utf-8
cache-control: no-store,no-cache
cf-ray: 89c7ea0d19259186-FRA
alt-svc: h3=":443"; ma=86400
expires: Sun, 30 Jun 2024 16:53:48 GMT

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/ 42 KB
0 195ms
58ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTAzIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 30ms
29ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587z879783485za200zb79783485&_p=1719852825727&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1345233430.1719852826&ecid=1364245132&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=3&sid=1719852826&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=3.33&_et=1308&tfd=3574&_z=fetch
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 30ms
28ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587za200zb79783485&_p=1719852825727&_gaz=1&gcs=G111&gcu=1&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&gcut=3&cid=1345233430.1719852826&ecid=1364245132&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=4&sid=1719852826&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=1345233430.1719852826&_et=235&tfd=3575&_z=fetch
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 96ms
34ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=1345233430.1719852826&gtm=45je46q0v890894587za200zb79783485&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13r3r3r2r5&npa=0&frm=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:47 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 89ms
57ms Image
image/gif 216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B9ZCN4XJNP&cid=1345233430.1719852826&gtm=45je46q0v890894587za200zb79783485&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13r3r3r2r5&npa=0&frm=0&z=869016519

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s10-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 US Show response
services.itworks.com/countries/v1/countrysettings/ 709 B
887 B 491ms
490ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countrysettings/US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: ff926cd0-c560-4970-a82b-dad8e3015e2a
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 89c7ea141bcd9107-FRA
expires: Mon, 01 Jul 2024 20:53:49 GMT

GET
H3 200 US Show response
services.itworks.com/countries/v1/countrysettings/ 709 B
0 491ms
491ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/countries/v1/countrysettings/US
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: ff926cd0-c560-4970-a82b-dad8e3015e2a
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
content-type: application/json; charset=utf-8
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 89c7ea141bcd9107-FRA
expires: Mon, 01 Jul 2024 20:53:49 GMT

GET
H2 200 site_redirects Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 19 KB
5 KB 81ms
81ms XHR
application/json 2606:4700::6812:1183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18e345cb10d0d0501810a56e95a92fd69b29dfc726b655b8de807216779ac870

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 34
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 4508
x-served-by: cache-fra-eddf8230064-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea181eb76913-FRA
expires: Mon, 01 Jul 2024 16:58:49 GMT

OPTIONS
H2 204 site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 148ms
79ms Preflight 2606:4700::6812:1183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea179e466913-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230145-FRA

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame 0
0 116ms
116ms Preflight 3.212.118.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.212.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-118-41.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Mon, 01 Jul 2024 16:53:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/bulk/ 0
358 B 349ms
348ms XHR
application/json 3.212.118.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.212.118.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-212-118-41.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-LaunchDarkly-Payload-ID: 7d315040-37ca-11ef-8953-692e37051e12
X-LaunchDarkly-Event-Schema: 4
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

GET
H3 404 bmoochler
services.itworks.com/customer/v1/profiles/ 0
454 B 531ms
530ms XHR
text/plain 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/customer/v1/profiles/bmoochler

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: 608d4f12d06b4a7389c116afff00dad1
messageid: f03d6df8-a756-49dc-9d68-018d4da317b0
date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 89c7ea18b9a49107-FRA
expires: Mon, 01 Jul 2024 16:54:20 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 89ms
88ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea18b91d9165-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 94ms
94ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea18b91f9165-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 133 KB
24 KB 79ms
79ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8587f4071d11c8ecd5cd388abd1e8cc3de98e72c70fcac59d2458f349f631e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 91
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 24096
x-served-by: cache-fra-eddf8230040-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1949ee9165-FRA
expires: Mon, 01 Jul 2024 16:58:49 GMT

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 4 KB
2 KB 67ms
66ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 2
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1588
x-served-by: cache-fra-eddf8230128-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1949f89165-FRA
expires: Mon, 01 Jul 2024 16:58:49 GMT

GET
H2 200 lo.js Show response
d20519brkbo4nz.cloudfront.net/core/ 13 KB
5 KB 112ms
30ms Script
text/javascript 2600:9000:225b:8800:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/main.9c030feea479381c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:8800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f1af3d8764c953e392d3f12b9645ac7f1826b19d9204534a08634761adc75b31

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:40:01 GMT
content-encoding: gzip
via: 1.1 3ddbbcaacc1ba68ddfab04ef45c3ca98.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
age: 828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4672
last-modified: Tue, 18 Jun 2024 20:39:57 GMT
server: AmazonS3
etag: "3ff941ebab9571a9dc6b8881bbfe5945"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: T4la-MGwOi6qSTQlUicdXf4EJe2TV8vfcXgCDsFu-vlhaNLyzY7tGQ==

GET
H2 200 b5b84745 Show response
settings.luckyorange.com/ 149 B
239 B 143ms
143ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/b5b84745
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-lucky-referrer
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:49 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149

OPTIONS
H2 200 b5b84745
settings.luckyorange.com/ Frame 0
0 197ms
142ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/b5b84745
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://bmoochler.itworks.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Mon, 01 Jul 2024 16:53:49 GMT
via: 1.1 google

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 56ms
56ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1a3b469165-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 445ms
445ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a659186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 438ms
438ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a669186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 442ms
441ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a679186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 461ms
461ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a699186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 450ms
450ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a6a9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 446ms
446ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a6b9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 459ms
458ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a6c9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log Show response
bmoochler.itworks.com/api/ 0
157 B 142ms
141ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:49 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a6d9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 463ms
463ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a6f9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 439ms
439ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a719186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 436ms
435ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a739186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 455ms
455ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a759186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 470ms
470ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1a1a789186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 600 KB
157 KB 74ms
74ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 464
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 160513
x-served-by: cache-fra-eddf8230138-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:49 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1a9bd09165-FRA
expires: Mon, 01 Jul 2024 16:58:49 GMT

GET
H3 404 details
services.itworks.com/customer/v1/profiles/bmoochler/ 0
454 B 533ms
533ms XHR
text/plain 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/customer/v1/profiles/bmoochler/details

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: e7d8fceec904cb43422bb6ed8b52b320
messageid: 469751f2-7304-458c-8c50-f0bea9f69abb
date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 89c7ea1a4bda9107-FRA
expires: Mon, 01 Jul 2024 16:54:20 GMT

GET
H2 200 IW-DT-Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bd21d716-d165-42e5-aaf2-20eb24f0d1d5/ 5 KB
5 KB 86ms
24ms Image
image/svg+xml 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bd21d716-d165-42e5-aaf2-20eb24f0d1d5/IW-DT-Logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb0a40d6189d005af2798fedd75181a76cf220bcfef2bb917754cd86edaa61e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100092-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
last-modified: Fri, 02 Sep 2022 15:11:24 GMT
x-timer: S1719852830.876663,VS0,VE2
etag: 0x8DA8CF5670027F4
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4863
x-cache-hits: 18, 1

GET
H2 200 icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/ 3 KB
3 KB 85ms
23ms Image
image/svg+xml 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100059-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
last-modified: Wed, 09 Aug 2023 17:14:17 GMT
x-timer: S1719852830.876234,VS0,VE2
etag: 0x8DB98FC1030F36A
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2930
x-cache-hits: 10867, 0

GET
H2 200 icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/ 462 B
606 B 83ms
22ms Image
image/svg+xml 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000051-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
last-modified: Wed, 09 Aug 2023 17:14:49 GMT
x-timer: S1719852830.876664,VS0,VE1
etag: 0x8DB98FC2354D19C
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 462
x-cache-hits: 10702, 0

GET
H2 200 twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/ 785 B
927 B 84ms
22ms Image
image/svg+xml 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200034-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
last-modified: Wed, 03 Apr 2024 14:28:37 GMT
x-timer: S1719852830.877068,VS0,VE1
etag: 0x8DC53EA59EEDAB8
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 785
x-cache-hits: 25, 0

GET
H2 200 icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/ 1 KB
1 KB 82ms
20ms Image
image/svg+xml 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200024-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
last-modified: Wed, 09 Aug 2023 17:15:55 GMT
x-timer: S1719852830.876268,VS0,VE1
etag: 0x8DB98FC4AD3F6A5
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1193
x-cache-hits: 21450, 0

GET
H2 200 Daily_Routine_WEB_tile%20link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/99249ef2-70e4-431e-8e9d-7b2b486bc835/ 8 KB
9 KB 86ms
25ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/99249ef2-70e4-431e-8e9d-7b2b486bc835/Daily_Routine_WEB_tile%20link.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2cd45b88dd4853790f6bbe31868533c78a2a968d5c17f5961fc8a829ae46dbf7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200177-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1719852830.877326,VS0,VE2
etag: "dMkIQ3qOc8e3/7Qva4MtW/crhX6CCvU+MupdsWIyvd8"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=69486 idim=225x280 ifmt=png ofsz=8466 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8466
x-cache-hits: 27, 0

GET
H2 200 Slimming%20Essentials%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/62aa665b-0af5-4c7d-86aa-8a35f2871cd9/ 6 KB
6 KB 23ms
20ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/62aa665b-0af5-4c7d-86aa-8a35f2871cd9/Slimming%20Essentials%20Tile.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9c78ef0542ca77fc9a13c737d610c4bde84d58a8d18a7cfd8a3d397a467b25b6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000107-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010215
x-timer: S1719852830.904071,VS0,VE1
etag: "dzch9KGLP5IYXNSjXxJx9dKZTMEzw+IAO/sXennerTs"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=38161 idim=225x280 ifmt=png ofsz=5932 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5932
x-cache-hits: 548, 0

GET
H2 200 Weight%20Control%20Deluxe%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ebb2a30c-0f30-410f-b608-890c76a69322/ 6 KB
6 KB 24ms
22ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ebb2a30c-0f30-410f-b608-890c76a69322/Weight%20Control%20Deluxe%20Tile.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 79fa6442200868134c7be504c9b67aa02bc21d87fb82c5678be70904b2b5503e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200128-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010216
x-timer: S1719852830.904174,VS0,VE1
etag: "Z5OGZCseOi2bXkJT3um7uzam0MzrVERTzCHqS3/oZHI"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=48827 idim=225x280 ifmt=png ofsz=6170 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6170
x-cache-hits: 18, 0

GET
H2 200 Weight%20Control%20Signature%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3c9ca7c7-0cbd-4cae-9142-089ac6afec3a/ 6 KB
7 KB 26ms
25ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3c9ca7c7-0cbd-4cae-9142-089ac6afec3a/Weight%20Control%20Signature%20Tile.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a383cf4d75cc99cb2e430930b91c439721988c13449af37ab7b79f36e5bf5aca

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100101-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010229
x-timer: S1719852830.906862,VS0,VE1
etag: "nw8IWAsQ5H/oHb33nP9cvSYzl1xjHbEaWwDf5lSsmX0"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=49381 idim=225x280 ifmt=png ofsz=6448 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6448
x-cache-hits: 10462, 0

GET
H2 200 Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/ 63 KB
63 KB 62ms
60ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 903a321d283ffa4251192e1e9821747ef4d87f3037566850654b8c12080e7b4b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200054-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010229
x-timer: S1719852830.907235,VS0,VE1
etag: "0cUQfoxYx8V1wO2DFWhIltYkl+QK0tjgfShdZQH5e7Y"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=735680 idim=1080x1080 ifmt=png ofsz=64084 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 64084
x-cache-hits: 28, 0

GET
H2 200 Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/ 57 KB
58 KB 28ms
27ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 00009457628d2dadae8ccea6d0e538c04b2ce3df26f30abc0d7910b553f977b4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100080-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1719852830.907212,VS0,VE1
etag: "ysfDJuHtgPvhTwREZjka/SY+/2Xqi1DteS0ptcA7oT8"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=647231 idim=1080x1080 ifmt=png ofsz=58748 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 58748
x-cache-hits: 29, 0

GET
H2 200 Healthy%20Gut%20Reset%20Signature%20System%20Listing_US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8b9d3d6e-edd0-4b94-a888-b4a85541a18e/ 62 KB
62 KB 26ms
25ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8b9d3d6e-edd0-4b94-a888-b4a85541a18e/Healthy%20Gut%20Reset%20Signature%20System%20Listing_US.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a55e8bca5da7f5dcbd680cab6423ce3e52d9acaf1c64fba74390efa5c0f47f36

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000097-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1719852830.907193,VS0,VE1
etag: "X58UKsTswJqUSVr4zmHT868nwm7XPJS1/hZC+Fxxic0"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=670024 idim=1080x1080 ifmt=png ofsz=63188 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 63188
x-cache-hits: 31, 0

GET
H2 200 Active%20Lifestyle_Essentials%20System_Active_Essentials.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/169c884d-39ac-4699-a384-a44e34781b25/ 52 KB
52 KB 63ms
62ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/169c884d-39ac-4699-a384-a44e34781b25/Active%20Lifestyle_Essentials%20System_Active_Essentials.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 23649b5d45272bed606232a4a56432ca77883c59f635d586ad2404917fccdfaa

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100032-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-mnz1300720
x-timer: S1719852830.908039,VS0,VE2
etag: "g1MAoGBW8PC3PwZyblLO6155K70F/gWX5Hca8ZeH+W4"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=660545 idim=1081x1081 ifmt=png ofsz=53310 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 53310
x-cache-hits: 4774, 0

GET
H2 200 Active%20Lifestyle_System_Active_Deluxe%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b588659d-7d58-4fdb-98e4-ea8f85700f3b/ 49 KB
49 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b588659d-7d58-4fdb-98e4-ea8f85700f3b/Active%20Lifestyle_System_Active_Deluxe%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3d42f70049ebfee9a879aeba1e4dbd0c94286164d2f96adc6fd73b29c86eb032

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200058-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
x-timer: S1719852830.907634,VS0,VE1
etag: "cOz7P8Ud6qbgg3Ikwc0seL6ZDofKEM//hAH4LEAFIW4"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=676583 idim=1081x1081 ifmt=png ofsz=50458 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 50458
x-cache-hits: 9740, 0

GET
H2 200 Active%20Lifestyle_System_Active_Signature.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c8cf8717-fef4-465a-b7bd-99bb7478e4e9/ 43 KB
44 KB 61ms
60ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c8cf8717-fef4-465a-b7bd-99bb7478e4e9/Active%20Lifestyle_System_Active_Signature.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 887a325777f013f020501c7db8fcfca2eceea89a66b129f5d3c4608124ae5d83

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000066-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
x-timer: S1719852830.907597,VS0,VE1
etag: "vMiOvck7YzByG2HSzgY8uF2bjEXe9yCk+p5ptja0fKw"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=553946 idim=1081x1081 ifmt=png ofsz=44450 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 44450
x-cache-hits: 10429, 0

GET
H2 200 Simplypure%20Collection%20US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/daae86b2-0713-41d1-a8b9-e8da0c44190e/ 3 KB
4 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/daae86b2-0713-41d1-a8b9-e8da0c44190e/Simplypure%20Collection%20US.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 941471be3ed659eb42f3a2e159b3e29151dc766576e1cd29b71950f4a8e76f91

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200028-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-mnz1300705
x-timer: S1719852830.908162,VS0,VE1
etag: "KULF8JTKb9t0+BQTop97HxdEbprvJAbej4OeB5NjF0o"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=34831 idim=225x280 ifmt=png ofsz=3218 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3218
x-cache-hits: 4264, 0

GET
H2 200 hair-and-body-set-tile-link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ae2bf8f4-e605-49db-bb67-6bcf035d9f0f/ 3 KB
3 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ae2bf8f4-e605-49db-bb67-6bcf035d9f0f/hair-and-body-set-tile-link.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 058d4da2552f04cfdfdecc03a38df9bd9e857321a810306ce3907aad25d859d8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100168-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-mnz1300719
x-timer: S1719852830.908379,VS0,VE1
etag: "5D5avtMD6rB9WrejZAdRi9MNVe+4FITYbUva8PRWr48"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=28406 idim=225x280 ifmt=png ofsz=3096 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3096
x-cache-hits: 18065, 0

GET
H2 200 418201-root-revival-set-tile-link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/16449232-ec24-4d58-9454-8b7e867a5aa1/ 8 KB
8 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/16449232-ec24-4d58-9454-8b7e867a5aa1/418201-root-revival-set-tile-link.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 530f1dde02a66daaa50088341941102d99e7a182280036ec9dc2c6c9c7cf0d21

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000040-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-mnz1300719
x-timer: S1719852830.908119,VS0,VE1
etag: "LwkdmfAjdS7gZKga93HujhPRsjNSSO8VTT44/1ERVEs"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=69120 idim=225x280 ifmt=png ofsz=8428 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8428
x-cache-hits: 4168, 0

GET
H2 200 31104VALUE-SuperGreens%2B_OTG_Berry-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/020866f5-1c52-4647-b0fb-001f5fd7a455/ 45 KB
46 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/020866f5-1c52-4647-b0fb-001f5fd7a455/31104VALUE-SuperGreens%2B_OTG_Berry-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: aa5f319abf4fec3ec9cfcb2dbccbf3f876e34b7a91061d3c98180222dcfa2d17

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000057-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
x-timer: S1719852830.908141,VS0,VE1
etag: "WzmPMY9wR4RJioPh9uKq+nRdp2V+VP4E3y87P20ISFw"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=213306 idim=1081x1081 ifmt=png ofsz=46444 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46444
x-cache-hits: 1029, 0

GET
H2 200 38601VALUE-Skinny-Proffee-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2ecc726-ac33-41e0-997a-9dd8786630b9/ 115 KB
116 KB 62ms
61ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2ecc726-ac33-41e0-997a-9dd8786630b9/38601VALUE-Skinny-Proffee-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d61b28fa7eeed4d6714bea600452aec950028bb55febf6b21d9ca38157ff7ee7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200144-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-kiad7010227
x-timer: S1719852830.908093,VS0,VE1
etag: "cHu9wpLVe2HVBxpo86fejUtrbFXNFCE5RDA//7zsTdw"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=386701 idim=1081x1081 ifmt=png ofsz=117996 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 117996
x-cache-hits: 1651, 0

GET
H2 200 37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/ 45 KB
46 KB 62ms
62ms Image
image/webp 2a04:4e42:400::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31e71dc9daeb2cc9e8f98bc38f78f9bd9d1f3d3f8d3ed9631e3b13e3de70137c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000056-IAD, cache-fra-etou8220112-FRA
date: Mon, 01 Jul 2024 16:53:49 GMT
fastly-io-served-by: vpop-mnz1300712
x-timer: S1719852830.908094,VS0,VE2
etag: "gJxZWRXQQUvfhhkkYkySXRo1W/dc1KPAce5DKzs4IoU"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=271713 idim=1081x1081 ifmt=png ofsz=46328 odim=1081x1081 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 46328
x-cache-hits: 2011, 0

GET
H3 200 ico-caret-down.svg
bmoochler.itworks.com/portal/ 193 B
535 B 458ms
457ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/ico-caret-down.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"c1-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5ac59186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 us.svg
bmoochler.itworks.com/portal/ 4 KB
1 KB 455ms
454ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/us.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"116d-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5ac99186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 ico-search.svg
bmoochler.itworks.com/portal/ 625 B
715 B 446ms
446ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/ico-search.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"271-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5ad49186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 ico-user.svg
bmoochler.itworks.com/portal/ 837 B
823 B 447ms
447ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/ico-user.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"345-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5ad89186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 ico-bag.svg
bmoochler.itworks.com/portal/ 553 B
707 B 468ms
467ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/ico-bag.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"229-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5ada9186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 ico-close-small-white.svg
bmoochler.itworks.com/portal/ 383 B
619 B 451ms
451ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/ico-close-small-white.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"17f-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5adb9186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H3 200 loader.svg
bmoochler.itworks.com/portal/ 829 B
782 B 441ms
441ms Image
image/svg+xml 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bmoochler.itworks.com/portal/loader.svg

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"33d-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1a5adc9186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 26ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 25 Jun 2024 15:15:04 GMT
x-content-type-options: nosniff
age: 524325
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Jun 2025 15:15:04 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 23ms
22ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 21:41:06 GMT
x-content-type-options: nosniff
age: 328363
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7992
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 21:41:06 GMT

GET
H3 200 Inter-roman.var.woff2
bmoochler.itworks.com/portal/ 158 KB
0 531ms
531ms Font
font/woff2 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bmoochler.itworks.com/portal/Inter-roman.var.woff2?v=3.19

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/portal/styles.dd8bbc58b4c4c29e.css
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
content-length: 227180
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"3776c-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://bmoochler.itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 89c7ea1a7aeb9186-FRA
expires: Mon, 01 Jul 2024 20:53:50 GMT

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 162ms
162ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c0ce39186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 Primary Request / Show response
itworks.com/ 17 KB
5 KB 481ms
468ms Document
text/html 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/main.9c030feea479381c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

f6a583e9686acb61fa70119f1af53e231a6cc799bbb1aa8c53ad0a4ef24bf6e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bmoochler.itworks.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c1d099186-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Mon, 01 Jul 2024 16:53:50 GMT
last-modified: Mon, 01 Jul 2024 10:37:32 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame 0
0 45ms
45ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c6e8c9165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

OPTIONS
H3 204 global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 44ms
44ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c6e8f9165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

OPTIONS
H3 204 untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 56ms
56ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c8ead9165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 50ms
50ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c8eb19165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

OPTIONS
H3 204 untitled_content_item_424b703
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 55ms
54ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c8eb59165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

OPTIONS
H3 204 untitled_content_item_34ffc92
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 66ms
66ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_34ffc92?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c8eb89165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame 0
0 66ms
66ms Preflight 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=en-US

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://bmoochler.itworks.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 89c7ea1c8eba9165-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230155-FRA

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 434ms
434ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c2d279186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST log
bmoochler.itworks.com/api/ 0
0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 432ms
432ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c3d319186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 404 details
services.itworks.com/customer/v1/profiles/bmoochler/ 0
0 217ms
217ms XHR
text/plain 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/customer/v1/profiles/bmoochler/details
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: e7d8fceec904cb43422bb6ed8b52b320
messageid: 469751f2-7304-458c-8c50-f0bea9f69abb
date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 89c7ea1a4bda9107-FRA
expires: Mon, 01 Jul 2024 16:54:20 GMT

GET products
services.itworks.com/product/v1/categories/best-sellers/ 0
0

GET
H2 200 E-v1.js
fast.wistia.com/assets/external/ 791 KB
134 KB 78ms
21ms Script
text/javascript 2a04:4e42:200::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/main.9c030feea479381c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
strict-transport-security: max-age=0
age: 1399
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 137078
x-served-by: cache-iad-kcgs7200057-IAD, cache-fra-etou8220122-FRA
x-browser-version: 126
last-modified: Fri, 28 Jun 2024 15:30:06 GMT
server: AmazonS3
x-timer: S1719852830.185192,VS0,VE0
etag: "1f3868273326150c64c60078ced47d51"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
x-browser: chrome
asset-version: 1fd1671f6ae7451069c38a223d5ed885f0669e78
x-ecma-v: modern
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 45, 75

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 428ms
427ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c5d609186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST log
bmoochler.itworks.com/api/ 0
0

GET
H3 200 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 43 KB
11 KB 71ms
71ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 30
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10347
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1caee49165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

GET
H3 200 global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 1 KB
1 KB 79ms
79ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 621
x-served-by: cache-fra-eddf8230040-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1caee99165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

POST log
bmoochler.itworks.com/api/ 0
0

GET
H3 200 untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 6 KB
2 KB 67ms
66ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1950
x-served-by: cache-fra-eddf8230076-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1cdf179165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

GET
H3 200 untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 6 KB
2 KB 63ms
62ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1970
x-served-by: cache-fra-eddf8230075-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1cdf109165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 140ms
139ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c8d9a9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 200 log
bmoochler.itworks.com/api/ 0
157 B 143ms
142ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bmoochler.itworks.com/api/log
Requested by: Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://bmoochler.itworks.com
access-control-allow-credentials: true
cf-ray: 89c7ea1c8d9e9186-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 untitled_content_item_424b703
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
1 KB 69ms
69ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 912
x-served-by: cache-fra-eddf8230095-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1cef219165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

GET
H3 200 untitled_content_item_34ffc92
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 5 KB
2 KB 65ms
63ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_34ffc92?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1422
x-served-by: cache-fra-eddf8230053-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1d0f559165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

GET
H3 200 untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
1 KB 82ms
79ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=en-US

Requested by

Host: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://bmoochler.itworks.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 981
x-served-by: cache-fra-eddf8230083-FRA
referrer-policy: no-referrer
last-modified: Mon, 01 Jul 2024 16:53:50 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 89c7ea1d0f579165-FRA
expires: Mon, 01 Jul 2024 16:58:50 GMT

GET
H3 200 Weight%20Control%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/ 25 KB
26 KB 25ms
23ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/Weight%20Control%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100089-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010246
x-timer: S1719852830.179676,VS0,VE2
etag: "6139G8ADMhfDfdAHKpSkTmBTibpZznub5xJFiVn5ICo"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=5724952 idim=4096x2304 ifmt=jpeg ofsz=25744 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25744
x-cache-hits: 32, 0

GET
H3 200 Featured%20Category-Gut%20Health-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/ 42 KB
42 KB 26ms
23ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/Featured%20Category-Gut%20Health-US.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000052-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010247
x-timer: S1719852830.180290,VS0,VE2
etag: "KrWkiSW4s2ih5kh66zalOy9cfo/LbL4JMfjeDVOwkQk"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1321264 idim=1920x1080 ifmt=png ofsz=43016 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 43016
x-cache-hits: 28, 0

GET
H3 200 Active%20Lifestyle%2016.9%202%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/ 39 KB
39 KB 49ms
45ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/Active%20Lifestyle%2016.9%202%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100117-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010248
x-timer: S1719852830.182318,VS0,VE7
etag: "+cGZuomO2WrYecWhYE03PLPHVNMrGiPaUc9cfjGE+s0"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=8855564 idim=6953x3911 ifmt=png ofsz=39654 odim=1080x607 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 39654
x-cache-hits: 31, 0

GET
H3 200 Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/ 19 KB
20 KB 50ms
45ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200096-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1719852830.183930,VS0,VE3
etag: "G+ugCUaixmYEFWvoSCN7vn0Tvc3/imD3E1yoYshZUqs"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=259808 idim=992x559 ifmt=png ofsz=19816 odim=992x559 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 19816
x-cache-hits: 33, 0

GET
H3 200 Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/ 87 KB
87 KB 51ms
46ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000075-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010246
x-timer: S1719852830.183563,VS0,VE2
etag: "lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 89072
x-cache-hits: 27, 0

GET
H3 200 Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/ 76 KB
76 KB 52ms
47ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100113-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010211
x-timer: S1719852830.183584,VS0,VE1
etag: "oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77820
x-cache-hits: 7, 0

GET
H3 200 WrapRebrand_Banner_4096x1862.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/ 265 KB
266 KB 52ms
47ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/WrapRebrand_Banner_4096x1862.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000163-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010214
x-timer: S1719852830.183593,VS0,VE1
etag: "VLb/VroV8MpwQI5UWQQ128aRRz7L2OqWnLXktWLQUsM"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=2513168 idim=4096x1862 ifmt=jpeg ofsz=271594 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 271594
x-cache-hits: 13, 0

GET
H3 200 30-day%20drop_HomepageHeroes_US_desktop.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/ 442 KB
442 KB 59ms
55ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5231eccb-3fe2-450d-8a00-be660fc0cb2c/30-day%20drop_HomepageHeroes_US_desktop.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200167-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010249
x-timer: S1719852830.183566,VS0,VE1
etag: "JF7HtIKOIFYAWX8CeanRA2/u7e3c2TmkNudq3Da9yy4"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=3078224 idim=4096x1862 ifmt=jpeg ofsz=452590 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 452590
x-cache-hits: 14, 0

GET
H3 200 tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/ 1 KB
1 KB 51ms
48ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
last-modified: Tue, 07 Nov 2023 21:51:52 GMT
x-timer: S1719852830.183261,VS0,VE1
etag: 0x8DBDFDBC0C24953
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1160
x-cache-hits: 1528, 0

GET
H3 200 lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/ 1 KB
2 KB 54ms
51ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
last-modified: Thu, 08 Feb 2024 18:01:52 GMT
x-timer: S1719852830.183246,VS0,VE1
etag: 0x8DC28D007CEFB54
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1362
x-cache-hits: 4, 0

GET
H3 200 handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/ 4 KB
5 KB 54ms
52ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
last-modified: Thu, 08 Feb 2024 18:05:37 GMT
x-timer: S1719852830.183237,VS0,VE1
etag: 0x8DC28D08D987F23
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4560
x-cache-hits: 24, 0

GET
H3 200 diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/ 4 KB
4 KB 55ms
52ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
last-modified: Thu, 08 Feb 2024 18:04:29 GMT
x-timer: S1719852830.183988,VS0,VE4
etag: 0x8DC28D064DCF562
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4248
x-cache-hits: 10206, 0

GET
H3 200 Summer%20BOGO-US-redone.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/33327cfc-5a82-48c9-94df-c60c8b6488f8/ 154 KB
154 KB 55ms
53ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/33327cfc-5a82-48c9-94df-c60c8b6488f8/Summer%20BOGO-US-redone.png?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200132-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1719852830.184016,VS0,VE1
etag: "GGwrOiaOYhgPvFx6L9QZoxbzuN4IpwNnd4fEc+oK5ic"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=2067674 idim=1350x1080 ifmt=png ofsz=157560 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 157560
x-cache-hits: 5, 0

GET
H3 200 Whats%20New-Multi%20Greens-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/ 68 KB
69 KB 55ms
53ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5323250b-4949-492c-a9fd-2b50cf4096e3/Whats%20New-Multi%20Greens-US.png?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000069-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010246
x-timer: S1719852830.184008,VS0,VE2
etag: "YcziDKZh6dy9yCN8GctHOysjk2H6XK5M9jzLWEaHut8"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1230685 idim=1350x1080 ifmt=png ofsz=70092 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 70092
x-cache-hits: 25, 0

GET
H3 200 skinny-hydrate-cocomango-what%27snew-us.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85baa2f7-7da0-4137-a5fc-8d6b42ba9801/ 47 KB
48 KB 55ms
54ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85baa2f7-7da0-4137-a5fc-8d6b42ba9801/skinny-hydrate-cocomango-what%27snew-us.jpg?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200149-IAD, cache-fra-etou8220039-FRA
date: Mon, 01 Jul 2024 16:53:50 GMT
fastly-io-served-by: vpop-kiad7010248
x-timer: S1719852830.184411,VS0,VE2
etag: "cOb8pyTIpAEECOaZU/dgbMuP5RvPqquHuCWGxY+yxlE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=385029 idim=760x608 ifmt=jpeg ofsz=48394 odim=760x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 48394
x-cache-hits: 5, 0

GET fa-solid-900.woff2
bmoochler.itworks.com/portal/ 0
0

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 22ms
21ms Font
font/woff2 142.250.186.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bmoochler.itworks.com/
Origin: https://bmoochler.itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 03:04:19 GMT
x-content-type-options: nosniff
age: 395371
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7844
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 03:04:19 GMT

GET loader-dark.svg
bmoochler.itworks.com/portal/ 0
0

GET MaterialSymbolsOutlined.woff2
bmoochler.itworks.com/assets/material-design-icons/ 0
0

POST log
bmoochler.itworks.com/api/ 0
0

GET l3pllw17al.json
fast.wistia.com/embed/medias/ 0
0

GET skjfu5id0v.json
fast.wistia.com/embed/medias/ 0
0

POST collect
region1.analytics.google.com/g/ 0
0

POST rum
bmoochler.itworks.com/cdn-cgi/ 0
0

GET fa-solid-900.woff
bmoochler.itworks.com/portal/ 0
0

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
0 1ms
1ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: itworks.com
URL: https://itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 5708982
x-cache: MISS, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-fra-etou8220143-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1719852826.786453,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 0, 132992

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 213 KB
73 KB 50ms
47ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ea5ac8e9e026edd0a66a6bd6c13075338afbe94969555ae73dfabd18ba49f462

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 74244
x-xss-protection: 0

GET
H3 200 runtime.c1abea0f261abd32.js Show response
itworks.com/portal/ 3 KB
2 KB 446ms
443ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/runtime.c1abea0f261abd32.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

c01e01463c10a44f0dba00d3f2bcb523465a6f26a2dda16eb4275d5a1a4ea337

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:51 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"dda-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1f49499186-FRA
expires: Mon, 01 Jul 2024 20:53:51 GMT

GET
H3 200 polyfills.82a2842c2492498d.js Show response
itworks.com/portal/ 69 KB
25 KB 611ms
609ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/polyfills.82a2842c2492498d.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:51 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"112bc-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1f494b9186-FRA
expires: Mon, 01 Jul 2024 20:53:51 GMT

GET
H3 200 scripts.2a1e351c7b378688.js Show response
itworks.com/portal/ 123 KB
45 KB 617ms
617ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/scripts.2a1e351c7b378688.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:51 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"1ea63-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1fb9ff9186-FRA
expires: Mon, 01 Jul 2024 20:53:51 GMT

GET
H3 200 main.9c030feea479381c.js
itworks.com/portal/ 2 MB
0 629ms
628ms Script
application/javascript 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/main.9c030feea479381c.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:51 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"2e81ad-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworks.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1f494c9186-FRA
expires: Mon, 01 Jul 2024 20:53:51 GMT

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
0 1ms
1ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: itworks.com
URL: https://itworks.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
content-encoding: gzip
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
server: cloudflare
etag: W/"2024.6.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 89c7ea022edf9000-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 260 KB
0 1ms
1ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73c546420270cd8a3b7c1ecd8c0b63ef802be99d3698bb5eef3123db8772ba5d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:45 GMT
content-encoding: br
last-modified: Mon, 01 Jul 2024 15:09:08 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84457
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jul 2024 16:53:45 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 3ms
3ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:29:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1479
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Mon, 01 Jul 2024 18:29:07 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 43ms
43ms XHR
application/json 142.250.185.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.106 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://itworks.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H3 200 styles.dd8bbc58b4c4c29e.css
itworks.com/portal/ 1 MB
129 KB 802ms
802ms Stylesheet
text/css 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworks.com/portal/styles.dd8bbc58b4c4c29e.css

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

ff32dc5c259b37808e656bcd44ccc91cb197f435678f5724dd3805d9a5ec5207

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:51 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 01 Jul 2024 10:37:23 GMT
server: cloudflare
etag: W/"11952c-1906ddee6b8"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 89c7ea1fba029186-FRA
expires: Mon, 01 Jul 2024 20:53:51 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: itworks.com
URL: https://itworks.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Origin: https://itworks.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 27 Jun 2024 01:28:58 GMT
x-content-type-options: nosniff
age: 401088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 27 Jun 2025 01:28:58 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 322 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

90080c299281057c88f1e251f84b4c0926bea1f22259f18af2feda2a6d3a9c82

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 01 Jul 2024 16:53:46 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108300
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 01 Jul 2024 16:53:46 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
0 31ms
31ms Fetch
text/plain 216.239.34.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587z879783485za200zb79783485&_p=1719852830597&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=1010111636.1719852831&ecid=712113461&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1719852830&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=652&_z=fetch
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworks.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Mon, 01 Jul 2024 16:53:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itworks.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: services.itworks.com
URL: https://services.itworks.com/product/v1/categories/best-sellers/products?country=US&language=en&customerType=LC&orderType=Shopping

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/fa-solid-900.woff2

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/loader-dark.svg

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/api/log

Domain: fast.wistia.com
URL: https://fast.wistia.com/embed/medias/l3pllw17al.json

Domain: fast.wistia.com
URL: https://fast.wistia.com/embed/medias/skjfu5id0v.json

Domain: region1.analytics.google.com
URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46q0v890894587za200zb79783485&_p=1719852825727&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&tag_exp=0&cid=1345233430.1719852826&ecid=1364245132&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.126%7CGoogle%2520Chrome%3B126.0.6478.126&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EA&_s=5&sid=1719852826&sct=1&seg=0&dl=https%3A%2F%2Fbmoochler.itworks.com%2F&dt=Home%20%7C%20IT%20WORKS!&en=user_engagement&_et=2816&tfd=6395&_z=fetch

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/cdn-cgi/rum?

Domain: bmoochler.itworks.com
URL: https://bmoochler.itworks.com/portal/fa-solid-900.woff

Verdicts & Comments Add Verdict or Comment

170 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bmoochler.itworks.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 9f7eff85b46c32aa2296548b804975c679450eeafce3d01e461a25178aec0d90
.bmoochler.itworks.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 9f7eff85b46c32aa2296548b804975c679450eeafce3d01e461a25178aec0d90
.itworks.com/	1970-01-21 06:29:48	Name: toggle-user Value: US-en-RC-03
.itworks.com/	1970-01-21 06:29:48	Name: cf_clearance Value: qMsPLTwCoOyynAleq0Me2WFI29zs__xfN5EK43WiN24-1719852827-1.0.1.1-Auny4x7WYhyqTqjlTk8FcrUZ07bsi32F20NXRCf1n61NnjP49GcaqPvIcEpOVvPDd2QF8BoQ8Kn1eT8FnKFARg
.itworks.com/	1970-01-21 06:29:48	Name: IWGDetectedLocale Value: en-US
.itworks.com/	1970-01-21 06:29:48	Name: IWGCountrySlug Value: US
.itworks.com/	1970-01-21 06:29:48	Name: IWGLanguageSlug Value: en
.itworks.com/	1970-01-21 07:20:12	Name: _ga Value: GA1.1.1345233430.1719852826
.itworks.com/	1970-01-21 06:29:52	Name: IWGSessionGuid Value: {28F9F010-0540-4C6F-9ACC-3AD90486D8D9}
.itworks.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 9f7eff85b46c32aa2296548b804975c679450eeafce3d01e461a25178aec0d90
.itworks.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 9f7eff85b46c32aa2296548b804975c679450eeafce3d01e461a25178aec0d90
.itworks.com/	1970-01-21 07:20:12	Name: _ga_B9ZCN4XJNP Value: GS1.1.1719852826.1.0.1719852830.57.0.1364245132

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://services.itworks.com/customer/v1/profiles/bmoochler Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://services.itworks.com/customer/v1/profiles/bmoochler/details Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://services.itworks.com/customer/v1/profiles/bmoochler/details Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
bmoochler.itworks.com
bmoochler.myitworks.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
d20519brkbo4nz.cloudfront.net
events.launchdarkly.com
fast.wistia.com
fonts.gstatic.com
itworks.com
maps.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
services.itworks.com
settings.luckyorange.com
static.cloudflareinsights.com
static.myitworks.com
stats.g.doubleclick.net
www.bskinnywrap.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
bmoochler.itworks.com
fast.wistia.com
region1.analytics.google.com
services.itworks.com
104.18.16.131
104.18.17.131
142.250.185.106
142.250.186.99
15.197.225.128
151.101.194.217
151.101.65.91
2001:4860:4802:32::36
216.239.34.36
216.58.206.35
2600:9000:225b:8800:18:6c16:27c0:93a1
2606:4700::6810:4f49
2606:4700::6812:1079
2606:4700::6812:1179
2606:4700::6812:1183
2a00:1450:4001:808::200a
2a00:1450:4001:827::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9d
2a04:4e42:200::644
2a04:4e42:200::649
2a04:4e42:400::347
3.212.118.41
34.107.203.234
76.223.31.44
00009457628d2dadae8ccea6d0e538c04b2ce3df26f30abc0d7910b553f977b4
058d4da2552f04cfdfdecc03a38df9bd9e857321a810306ce3907aad25d859d8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384
18e345cb10d0d0501810a56e95a92fd69b29dfc726b655b8de807216779ac870
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028
23649b5d45272bed606232a4a56432ca77883c59f635d586ad2404917fccdfaa
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
2cd45b88dd4853790f6bbe31868533c78a2a968d5c17f5961fc8a829ae46dbf7
31e71dc9daeb2cc9e8f98bc38f78f9bd9d1f3d3f8d3ed9631e3b13e3de70137c
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3d42f70049ebfee9a879aeba1e4dbd0c94286164d2f96adc6fd73b29c86eb032
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
41fdc796dda3d663b3c9b84d6cca814692c15ed3eb33bc5f44f425e99ec93392
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
530f1dde02a66daaa50088341941102d99e7a182280036ec9dc2c6c9c7cf0d21
58073040e882e3a498ce06e9d45ce30fa290cf830adda0e894437fecbceac867
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a
657a376684bdff0b5813e13faaea9b3eda796d2b5070c9f50ec991975d10c642
73c546420270cd8a3b7c1ecd8c0b63ef802be99d3698bb5eef3123db8772ba5d
741eb6b4cfc8e36ad4bfda4588bb37e9d99b73447f1de662a3f90fafdf8d310e
79fa6442200868134c7be504c9b67aa02bc21d87fb82c5678be70904b2b5503e
8587f4071d11c8ecd5cd388abd1e8cc3de98e72c70fcac59d2458f349f631e30
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
887a325777f013f020501c7db8fcfca2eceea89a66b129f5d3c4608124ae5d83
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
90080c299281057c88f1e251f84b4c0926bea1f22259f18af2feda2a6d3a9c82
903a321d283ffa4251192e1e9821747ef4d87f3037566850654b8c12080e7b4b
941471be3ed659eb42f3a2e159b3e29151dc766576e1cd29b71950f4a8e76f91
9c78ef0542ca77fc9a13c737d610c4bde84d58a8d18a7cfd8a3d397a467b25b6
a383cf4d75cc99cb2e430930b91c439721988c13449af37ab7b79f36e5bf5aca
a55e8bca5da7f5dcbd680cab6423ce3e52d9acaf1c64fba74390efa5c0f47f36
aa5f319abf4fec3ec9cfcb2dbccbf3f876e34b7a91061d3c98180222dcfa2d17
aefe05dad3bf2ed612f050eba77be4a5c0ff39266e5aa48da9e55c5d4e5272f7
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
c01e01463c10a44f0dba00d3f2bcb523465a6f26a2dda16eb4275d5a1a4ea337
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d61b28fa7eeed4d6714bea600452aec950028bb55febf6b21d9ca38157ff7ee7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6
ea5ac8e9e026edd0a66a6bd6c13075338afbe94969555ae73dfabd18ba49f462
eb0a40d6189d005af2798fedd75181a76cf220bcfef2bb917754cd86edaa61e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1af3d8764c953e392d3f12b9645ac7f1826b19d9204534a08634761adc75b31
f6a583e9686acb61fa70119f1af53e231a6cc799bbb1aa8c53ad0a4ef24bf6e0
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
ff32dc5c259b37808e656bcd44ccc91cb197f435678f5724dd3805d9a5ec5207

itworks.com Open in urlscan Pro 104.18.16.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

174 Requests

85 %HTTPS

54 %IPv6

17 Domains

24 Subdomains

25 IPs

4 Countries

3853 kBTransfer

13114 kBSize

12 Cookies

0 Outgoing links

Page URL History

Redirected requests

174 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itworks.com Open in urlscan Pro
104.18.16.131 Public Scan

Screenshot
Live screenshot

Full Image

174
Requests

85 %
HTTPS

54 %
IPv6

17
Domains

24
Subdomains

25
IPs

4
Countries

3853 kB
Transfer

13114 kB
Size

12
Cookies

174 HTTP transactions
0 data transactions