Submitted URL: https://perfectbodywrap.myitworks.com/
Effective URL: https://itworks.com/
Submission: On May 05 via api from US — Scanned from DE

Summary

This website contacted 24 IPs in 4 countries across 15 domains to perform 202 HTTP transactions. The main IP is 104.18.16.131, located in and belongs to CLOUDFLARENET, US. The main domain is itworks.com. The Cisco Umbrella rank of the primary domain is 595696.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.
This is the only time itworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:600... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 92 104.18.16.131 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 172.217.18.10 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
8 151.101.130.217 54113 (FASTLY)
5 2606:4700::68... 13335 (CLOUDFLAR...)
8 34.194.12.154 14618 (AMAZON-AES)
2 13.248.151.210 16509 (AMAZON-02)
5 216.239.34.36 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 142.250.74.195 15169 (GOOGLE)
2 2600:9000:211... 16509 (AMAZON-02)
4 34.107.203.234 396982 (GOOGLE-CL...)
21 2a04:4e42:400... 54113 (FASTLY)
24 151.101.1.91 54113 (FASTLY)
1 142.250.181.227 15169 (GOOGLE)
202 24
Apex Domain
Subdomains
Transfer
98 itworks.com
perfectbodywrap.itworks.com
services.itworks.com — Cisco Umbrella Rank: 963746
itworks.com — Cisco Umbrella Rank: 595696
cmsproxy.itworks.com
5 MB
45 kc-usercontent.com
assets-us-01.kc-usercontent.com — Cisco Umbrella Rank: 55494
2 MB
18 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 736
events.launchdarkly.com — Cisco Umbrella Rank: 907
clientstream.launchdarkly.com — Cisco Umbrella Rank: 886
8 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
region1.google-analytics.com — Cisco Umbrella Rank: 2533
21 KB
6 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 361
248 KB
5 gstatic.com
fonts.gstatic.com
69 KB
4 luckyorange.com
settings.luckyorange.com — Cisco Umbrella Rank: 13498
414 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
183 KB
3 myitworks.com
perfectbodywrap.myitworks.com
static.myitworks.com — Cisco Umbrella Rank: 828101
1 KB
2 cloudfront.net
d20519brkbo4nz.cloudfront.net
5 KB
2 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
333 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3095
72 B
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 804
7 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 776
29 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 7810
63 B
202 15
Domain Requested by
50 itworks.com perfectbodywrap.itworks.com
itworks.com
45 assets-us-01.kc-usercontent.com
24 cmsproxy.itworks.com itworks.com
16 perfectbodywrap.itworks.com 1 redirects perfectbodywrap.itworks.com
static.cloudflareinsights.com
8 events.launchdarkly.com perfectbodywrap.itworks.com
itworks.com
8 services.itworks.com perfectbodywrap.itworks.com
itworks.com
8 app.launchdarkly.com perfectbodywrap.itworks.com
itworks.com
6 region1.google-analytics.com www.googletagmanager.com
6 maps.googleapis.com perfectbodywrap.itworks.com
maps.googleapis.com
itworks.com
5 fonts.gstatic.com perfectbodywrap.itworks.com
itworks.com
4 settings.luckyorange.com perfectbodywrap.itworks.com
itworks.com
4 www.googletagmanager.com perfectbodywrap.itworks.com
www.googletagmanager.com
itworks.com
2 d20519brkbo4nz.cloudfront.net perfectbodywrap.itworks.com
itworks.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com www.googletagmanager.com
2 clientstream.launchdarkly.com
2 static.myitworks.com
2 www.google-analytics.com perfectbodywrap.itworks.com
itworks.com
2 static.cloudflareinsights.com perfectbodywrap.itworks.com
itworks.com
2 code.jquery.com perfectbodywrap.itworks.com
itworks.com
1 www.google.de
1 perfectbodywrap.myitworks.com 1 redirects
202 22
Subject Issuer Validity Valid
itworks.com
Cloudflare Inc ECC CA-3
2024-03-06 -
2024-12-31
10 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
cloudflareinsights.com
GTS CA 1P5
2024-03-10 -
2024-06-08
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M02
2023-06-21 -
2024-07-20
a year crt.sh
myitworks.com
GTS CA 1P5
2024-04-02 -
2024-07-01
3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02
2023-08-09 -
2024-09-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.de
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2023-10-10 -
2024-09-19
a year crt.sh
settings.luckyorange.com
R3
2024-04-03 -
2024-07-02
3 months crt.sh
*.kc-usercontent.com
R3
2024-04-18 -
2024-07-17
3 months crt.sh

This page contains 2 frames:

Primary Page: https://itworks.com/
Frame ID: 7CB7CBEC1F3BE6035222FDBC2096B2EA
Requests: 178 HTTP requests in this frame

Frame: https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Frame ID: 6F1B60CD13F20A8804E0E253CD4285EC
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Home | IT WORKS!

Page URL History Show full URLs

  1. https://perfectbodywrap.myitworks.com/ HTTP 302
    https://perfectbodywrap.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

202
Requests

99 %
HTTPS

57 %
IPv6

15
Domains

22
Subdomains

24
IPs

4
Countries

7218 kB
Transfer

15668 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://perfectbodywrap.myitworks.com/ HTTP 302
    https://perfectbodywrap.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://perfectbodywrap.myitworks.com/ HTTP 302
  • https://perfectbodywrap.itworks.com/
Request Chain 21
  • https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js

202 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
perfectbodywrap.itworks.com/
Redirect Chain
  • https://perfectbodywrap.myitworks.com/
  • https://perfectbodywrap.itworks.com/
18 KB
5 KB
Document
General
Full URL
https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0f063daedc9dd024b13b139a8e7b87729690ea6a10e5fa87b456d5c2b0040b76
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
87efdac06b9c9763-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 05 May 2024 09:55:22 GMT
last-modified
Fri, 03 May 2024 17:10:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

CF-Cache-Status
DYNAMIC
CF-RAY
87efdabaab3b9f30-FRA
Cache-Control
private
Connection
keep-alive
Content-Type
text/html; Charset=utf-8
Date
Sun, 05 May 2024 09:55:22 GMT
Server
cloudflare
Transfer-Encoding
chunked
location
https://perfectbodywrap.itworks.com
x-frame-options
SAMEORIGIN
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
759078
x-cache
MISS, HIT
content-length
29811
x-served-by
cache-lga21935-LGA, cache-fra-etou8220103-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714902923.810146,VS0,VE0
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
0, 89343
js
maps.googleapis.com/maps/api/
201 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1395f7fdc86faa8477ae13bf894d66e08e73ba590f69cfd031a546d0e6b4592a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69198
x-xss-protection
0
runtime.ad0ac1376f4ec936.js
perfectbodywrap.itworks.com/portal/
4 KB
2 KB
Script
General
Full URL
https://perfectbodywrap.itworks.com/portal/runtime.ad0ac1376f4ec936.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c13346da4ca7a2e62aba18c1721b149fbc549299aa418579a059da0366684d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"e1b-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdac32914911e-FRA
expires
Sun, 05 May 2024 13:55:23 GMT
polyfills.82a2842c2492498d.js
perfectbodywrap.itworks.com/portal/
69 KB
25 KB
Script
General
Full URL
https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"112bc-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdac32915911e-FRA
expires
Sun, 05 May 2024 13:55:23 GMT
scripts.2a1e351c7b378688.js
perfectbodywrap.itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://perfectbodywrap.itworks.com/portal/scripts.2a1e351c7b378688.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"1ea63-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdac44a11911e-FRA
expires
Sun, 05 May 2024 13:55:23 GMT
main.9310f6fe8bf3ce40.js
perfectbodywrap.itworks.com/portal/
3 MB
664 KB
Script
General
Full URL
https://perfectbodywrap.itworks.com/portal/main.9310f6fe8bf3ce40.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
09feb63448ffff7fcaceb5419ee6bd1a3adff40531f7365820d382194ebce617
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"297a80-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdac32917911e-FRA
expires
Sun, 05 May 2024 13:55:23 GMT
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87efdac4aec21d84-FRA
gtm.js
www.googletagmanager.com/
241 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d659f25a60bc15cece7122cd53c0f57d0348eb44243ae47b3ac8a6b11deed6cd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80328
x-xss-protection
0
last-modified
Sun, 05 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 05 May 2024 09:55:22 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 05 May 2024 08:07:49 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6453
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 May 2024 10:07:49 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
styles.bf2051ff17f3ef0a.css
perfectbodywrap.itworks.com/portal/
1 MB
127 KB
Stylesheet
General
Full URL
https://perfectbodywrap.itworks.com/portal/styles.bf2051ff17f3ef0a.css
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9095efdc7bec4800ab9884a18d5366f22e9ce6aca39d13d57b909092909405df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"1173ab-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdac45a13911e-FRA
expires
Sun, 05 May 2024 13:55:23 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/
45 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Origin
https://perfectbodywrap.itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:20:53 GMT
x-content-type-options
nosniff
age
488070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46552
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 18:20:53 GMT
js
www.googletagmanager.com/gtag/
314 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b56736f671054035c9868da2d1e4f10fb44b0ff94e3576e6b575c79482d03813
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106103
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 May 2024 09:55:23 GMT
collect
region1.google-analytics.com/g/
0
263 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587z879783485za200&_p=1714902922748&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1895
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://perfectbodywrap.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sun, 05 May 2024 09:55:24 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902925.649361,VS0,VE3
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://perfectbodywrap.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sun, 05 May 2024 09:55:24 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902925.649341,VS0,VE1
level
perfectbodywrap.itworks.com/api/log/
20 B
217 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/api/log/level
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
87efdace9abd911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
countries
services.itworks.com/countries/v1/
3 KB
926 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
b51f1cb6-4638-4f01-b090-63469f625fe3
date
Sun, 05 May 2024 09:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:55:26 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
xcalledservice
S:https://see-inbound-policy.com/
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdacef97e190f-FRA
expires
Sun, 05 May 2024 13:55:26 GMT
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
176 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
via
1.1 varnish
date
Sun, 05 May 2024 09:55:24 GMT
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902925.671945,VS0,VE1
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
access-control-max-age
300
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
0
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
41 KB
6 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
977459df5c51a07861a7365d84554211b66266165f446c654b0084a41a1d9ea3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-cache
HIT
content-length
5718
x-served-by
cache-fra-eddf8230138-FRA, cache-fra-etou8220058-FRA
x-timer
S1714902925.671919,VS0,VE3
etag
"68dbb"
access-control-max-age
3600
access-control-allow-methods
OPTIONS, GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
vary
Authorization, Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits
0
main.js
perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/ Frame 6F1B
Redirect Chain
  • https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
8 KB
4 KB
Script
General
Full URL
https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/
Protocol
H3
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5450b14c8c05863b29a4c0576d6c21c34e2e15a2713eaac85c2e184c892c70e5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
87efdacefb14911e-FRA
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Sun, 05 May 2024 09:55:24 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/d0ff3ebede6b/main.js
cache-control
max-age=300, public
cf-ray
87efdacecae1911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://perfectbodywrap.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sun, 05 May 2024 09:55:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
359 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
collect
region1.google-analytics.com/g/
0
55 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587za200&_p=1714902922748&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EEA&_s=2&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=9&tfd=3368
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
perfectbodywrap.itworks.com/cdn-cgi/
0
150 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/cdn-cgi/rum?
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://perfectbodywrap.itworks.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87efdacf3b47911e-FRA
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
1 KB
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 05 May 2024 09:55:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
5795
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Wed, 01 Mar 2023 19:06:35 GMT
Server
cloudflare
ETag
W/"28dcb8f1704cd91:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
CF-RAY
87efdacf9cdd974f-FRA
Access-Control-Allow-Headers
Content-Type,Authorization
Expires
Sun, 05 May 2024 13:55:24 GMT
log
perfectbodywrap.itworks.com/api/
0
162 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/api/log
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:25 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-allow-credentials
true
cf-ray
87efdacf6b8a911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
bag
perfectbodywrap.itworks.com/ajax/
1 KB
916 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/ajax/bag
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f4ee8728698e668652f8f6c22a3a62b882f773a7f5a9d6c4628c6aac30b9319
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iwgtime
5/5/2024 4:55:25 AM
pragma
no-cache
date
Sun, 05 May 2024 09:55:25 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
application/json; Charset=utf-8
cache-control
no-store,no-cache
cf-ray
87efdacf6b8c911e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 04 May 2024 09:55:24 GMT
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
41 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
87efdac06b9c9763
perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 6F1B
0
307 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/h/g/jsd/r/87efdac06b9c9763
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Sun, 05 May 2024 09:55:24 GMT
server
cloudflare
cf-ray
87efdacffbfc911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
undefined
services.itworks.com/countries/v1/countrysettings/
41 B
157 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/undefined
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f110fba976a69b025e229418bcea2eb685ceb52d7d3f6488b6a86aaa323d7308
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
73e59ea0-66d3-4472-b6e3-ce6d1eaa9c8d
date
Sun, 05 May 2024 09:55:26 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:55:26 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
xcalledservice
S:https://see-inbound-policy.com/
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdad5faeb190f-FRA
expires
Sun, 05 May 2024 13:55:26 GMT
undefined
services.itworks.com/countries/v1/countrysettings/
41 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/undefined
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f110fba976a69b025e229418bcea2eb685ceb52d7d3f6488b6a86aaa323d7308

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
73e59ea0-66d3-4472-b6e3-ce6d1eaa9c8d
date
Sun, 05 May 2024 09:55:26 GMT
content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:55:26 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
content-type
application/json; charset=utf-8
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdad5faeb190f-FRA
expires
Sun, 05 May 2024 13:55:26 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587z879783485za200&_p=1714902922748&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=3&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=3.36&_et=1463&tfd=4819
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
55 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587za200&_p=1714902922748&_gaz=1&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=4&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=397942158.1714902923&_et=1445&tfd=4819
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
263 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=397942158.1714902923&gtm=45je4510v890894587za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13r3r3r2r5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://perfectbodywrap.itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B9ZCN4XJNP&cid=397942158.1714902923&gtm=45je4510v890894587za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13r3r3r2r5&npa=0&z=503767736
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
log
perfectbodywrap.itworks.com/api/
0
162 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/api/log
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-allow-credentials
true
cf-ray
87efdad8fad8911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
perfectbodywrap
services.itworks.com/customer/v1/profiles/
0
181 B
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/perfectbodywrap
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

correlationid
4441794f8592bf43b5a89199e601bed5
messageid
29eec522-2100-41ea-8f0d-e595196fde52
date
Sun, 05 May 2024 09:55:27 GMT
strict-transport-security
max-age=2592000
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
access-control-expose-headers
CorrelationId
cache-control
public, max-age=30
cf-ray
87efdad90ea2190f-FRA
expires
Sun, 05 May 2024 09:55:57 GMT
log
perfectbodywrap.itworks.com/api/
0
162 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/api/log
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:26 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-allow-credentials
true
cf-ray
87efdad91ae5911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
lo.js
d20519brkbo4nz.cloudfront.net/core/
13 KB
5 KB
Script
General
Full URL
https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/main.9310f6fe8bf3ce40.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff4a78009e4666bfc1d9df7459b4af5973a1203c293c3a6d63095224c972b912

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://perfectbodywrap.itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:08:26 GMT
content-encoding
gzip
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
2821
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4625
last-modified
Fri, 03 May 2024 19:08:20 GMT
server
AmazonS3
etag
"7388071e3356c9dfd159b7713fefc925"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4ayr0VqEY3GamAxR0oyT56zlyZs3meZZVvaYSX2aixFTuYJGplQXVA==
b5b84745
settings.luckyorange.com/
149 B
249 B
Fetch
General
Full URL
https://settings.luckyorange.com/b5b84745
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-lucky-referrer
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:26 GMT
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
b5b84745
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/b5b84745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://perfectbodywrap.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 05 May 2024 09:55:26 GMT
via
1.1 google
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/
0
359 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-LaunchDarkly-Payload-ID
992ccd60-0ac5-11ef-ba34-6faafe8eb843
X-LaunchDarkly-Event-Schema
4
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://perfectbodywrap.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sun, 05 May 2024 09:55:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
log
perfectbodywrap.itworks.com/api/
0
162 B
XHR
General
Full URL
https://perfectbodywrap.itworks.com/api/log
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://perfectbodywrap.itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://perfectbodywrap.itworks.com
access-control-allow-credentials
true
cf-ray
87efdade6812911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
Primary Request /
itworks.com/
17 KB
4 KB
Document
General
Full URL
https://itworks.com/
Requested by
Host: perfectbodywrap.itworks.com
URL: https://perfectbodywrap.itworks.com/portal/main.9310f6fe8bf3ce40.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2340785a8a57f3f5e73e8d18f3556d444c0ddfc960c213225be49cecfeb435a2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://perfectbodywrap.itworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
87efdadf38b9911e-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Sun, 05 May 2024 09:55:27 GMT
last-modified
Fri, 03 May 2024 17:10:42 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block
collect
region1.analytics.google.com/g/
0
0

rum
perfectbodywrap.itworks.com/cdn-cgi/
0
0

jquery-2.2.4.min.js
code.jquery.com/
84 KB
0
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
759078
x-cache
MISS, HIT
content-length
29811
x-served-by
cache-lga21935-LGA, cache-fra-etou8220103-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1714902923.810146,VS0,VE0
etag
W/"28feccc0-14e4a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
0, 89343
js
maps.googleapis.com/maps/api/
201 KB
68 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
1395f7fdc86faa8477ae13bf894d66e08e73ba590f69cfd031a546d0e6b4592a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69198
x-xss-protection
0
runtime.ad0ac1376f4ec936.js
itworks.com/portal/
4 KB
2 KB
Script
General
Full URL
https://itworks.com/portal/runtime.ad0ac1376f4ec936.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7c13346da4ca7a2e62aba18c1721b149fbc549299aa418579a059da0366684d6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:28 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"e1b-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdae21b55911e-FRA
expires
Sun, 05 May 2024 13:55:28 GMT
polyfills.82a2842c2492498d.js
itworks.com/portal/
69 KB
25 KB
Script
General
Full URL
https://itworks.com/portal/polyfills.82a2842c2492498d.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:28 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"112bc-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdae21b57911e-FRA
expires
Sun, 05 May 2024 13:55:28 GMT
scripts.2a1e351c7b378688.js
itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://itworks.com/portal/scripts.2a1e351c7b378688.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:28 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"1ea63-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdae2cbfa911e-FRA
expires
Sun, 05 May 2024 13:55:28 GMT
main.9310f6fe8bf3ce40.js
itworks.com/portal/
3 MB
664 KB
Script
General
Full URL
https://itworks.com/portal/main.9310f6fe8bf3ce40.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
09feb63448ffff7fcaceb5419ee6bd1a3adff40531f7365820d382194ebce617
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:28 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"297a80-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdae21b58911e-FRA
expires
Sun, 05 May 2024 13:55:28 GMT
vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
static.cloudflareinsights.com/beacon.min.js/
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
content-encoding
gzip
last-modified
Tue, 23 Apr 2024 12:12:17 GMT
server
cloudflare
etag
W/"2024.4.1"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
87efdac4aec21d84-FRA
gtm.js
www.googletagmanager.com/
241 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d659f25a60bc15cece7122cd53c0f57d0348eb44243ae47b3ac8a6b11deed6cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:22 GMT
content-encoding
br
last-modified
Sun, 05 May 2024 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80328
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 May 2024 09:55:22 GMT
analytics.js
www.google-analytics.com/
52 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 08:07:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
6453
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sun, 05 May 2024 10:07:49 GMT
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
45 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://itworks.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
x-xss-protection
0
styles.bf2051ff17f3ef0a.css
itworks.com/portal/
1 MB
127 KB
Stylesheet
General
Full URL
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9095efdc7bec4800ab9884a18d5366f22e9ce6aca39d13d57b909092909405df
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:28 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"1173ab-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdae2cbfb911e-FRA
expires
Sun, 05 May 2024 13:55:28 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/
45 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 29 Apr 2024 18:20:53 GMT
x-content-type-options
nosniff
age
488070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46552
x-xss-protection
0
last-modified
Thu, 14 Sep 2023 00:46:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Apr 2025 18:20:53 GMT
js
www.googletagmanager.com/gtag/
314 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b56736f671054035c9868da2d1e4f10fb44b0ff94e3576e6b575c79482d03813
Security Headers
Name Value
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:23 GMT
content-encoding
br
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
106103
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 05 May 2024 09:55:23 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587z879783485za200&_p=1714902927686&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1290939670.1714902928&ecid=1678220843&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1714902927&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=775
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sun, 05 May 2024 09:55:29 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902930.527520,VS0,VE1
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Sun, 05 May 2024 09:55:29 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
1
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902930.528224,VS0,VE1
level
itworks.com/api/log/
20 B
217 B
XHR
General
Full URL
https://itworks.com/api/log/level
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
x-powered-by
Express
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-credentials
true
cf-ray
87efdaed7cd1911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
countries
services.itworks.com/countries/v1/
3 KB
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
b51f1cb6-4638-4f01-b090-63469f625fe3
date
Sun, 05 May 2024 09:55:26 GMT
content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:55:26 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
content-type
application/json; charset=utf-8
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdacef97e190f-FRA
expires
Sun, 05 May 2024 13:55:26 GMT
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
54 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
via
1.1 varnish
content-encoding
gzip
content-md5
d751713988987e9331980363e24189ce
age
0
x-cache
HIT
content-length
26
x-served-by
cache-fra-etou8220058-FRA
x-timer
S1714902930.548011,VS0,VE2
etag
"d751713988987e9331980363e24189ce"
ld-region
us-east-1
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0
access-control-max-age
300
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits
1
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
41 KB
97 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
977459df5c51a07861a7365d84554211b66266165f446c654b0084a41a1d9ea3

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
via
1.1 varnish
content-encoding
gzip
age
0
x-cache
HIT
content-length
5718
x-served-by
cache-fra-etou8220058-FRA
server
Varnish
x-timer
S1714902930.548135,VS0,VE1
etag
"68dbb"
vary
Authorization, Accept-Encoding
access-control-max-age
3600
content-type
application/json
access-control-allow-origin
*
access-control-allow-methods
OPTIONS, GET
cache-control
max-age=0
accept-ranges
bytes
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
retry-after
0
x-cache-hits
0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
359 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sun, 05 May 2024 09:55:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587za200&_p=1714902927686&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1290939670.1714902928&ecid=1678220843&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EEA&_s=2&sid=1714902927&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=2&tfd=2458
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
itworks.com/cdn-cgi/
0
139 B
XHR
General
Full URL
https://itworks.com/cdn-cgi/rum?
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://itworks.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
87efdaedbd19911e-FRA
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587z879783485za200&_p=1714902927686&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1290939670.1714902928&ecid=1678220843&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&_eu=EA&_s=3&sid=1714902927&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=2.45&_et=1677&tfd=2466
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/
0
17 B
Ping
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587za200&_p=1714902927686&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=4&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=1290939670.1714902928&_et=5&tfd=2466
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
70 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=397942158.1714902923&gtm=45je4510v890894587za200&aip=1&dma=1&dma_cps=sypham&gcs=G111&gcd=13r3r3r2r5&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Sun, 05 May 2024 09:55:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itworks.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
0
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1179 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Sun, 05 May 2024 09:55:24 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Wed, 01 Mar 2023 19:06:35 GMT
Server
cloudflare
Age
5795
ETag
W/"28dcb8f1704cd91:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=14400
CF-RAY
87efdacf9cdd974f-FRA
Access-Control-Allow-Headers
Content-Type,Authorization
Expires
Sun, 05 May 2024 13:55:24 GMT
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaeddd2a911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
bag
itworks.com/ajax/
1 KB
917 B
XHR
General
Full URL
https://itworks.com/ajax/bag
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74948e2f0707b6f12a69456218dc337036bc0f1d17538a0fdb98aaf16e8dd0c
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-iwgtime
5/5/2024 4:55:30 AM
pragma
no-cache
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-frame-options
SAMEORIGIN
content-type
application/json; Charset=utf-8
cache-control
no-store,no-cache
cf-ray
87efdaeddd2d911e-FRA
alt-svc
h3=":443"; ma=86400
expires
Sat, 04 May 2024 09:55:30 GMT
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
41 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA4In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.151.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a1370dc23e25e46ce.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
text/event-stream
Cache-Control
no-cache
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
ld-region
eu-west-1
access-control-max-age
300
access-control-allow-methods
GET,OPTIONS
content-type
text/event-stream; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
x-content-length
accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
US
services.itworks.com/countries/v1/countrysettings/
709 B
928 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
332def19-aeb5-4da6-8dd8-019e2b49a0f8
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
cf-cache-status
HIT
age
218
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:51:52 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
xcalledservice
S:https://see-inbound-policy.com/
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdaf278935d3a-FRA
expires
Sun, 05 May 2024 13:55:30 GMT
US
services.itworks.com/countries/v1/countrysettings/
709 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

messageid
332def19-aeb5-4da6-8dd8-019e2b49a0f8
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
HIT
age
218
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:51:52 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
content-type
application/json; charset=utf-8
access-control-expose-headers
CorrelationId
cache-control
public, max-age=14400
cf-ray
87efdaf278935d3a-FRA
expires
Sun, 05 May 2024 13:55:30 GMT
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf32def8ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
18 KB
4 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bac3aecd8f65442ee70c15442ee742d0261e0c576eaf85ebc39049a5191ae97

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
31
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
4086
x-served-by
cache-fra-eddf8230155-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf3cea28ffa-FRA
expires
Sun, 05 May 2024 10:00:30 GMT
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf42ef68ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230101-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf42ef88ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
132 KB
24 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace251c08ca366b0dc46563885601cb9faa13f9dfedbf128f0575f62eef0932d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
91
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
23971
x-served-by
cache-fra-eddf8230035-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf47f718ffa-FRA
expires
Sun, 05 May 2024 10:00:30 GMT
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
4 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
1
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
1588
x-served-by
cache-fra-eddf8230123-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf46f4a8ffa-FRA
expires
Sun, 05 May 2024 10:00:30 GMT
lo.js
d20519brkbo4nz.cloudfront.net/core/
13 KB
0
Script
General
Full URL
https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by
Host: itworks.com
URL: https://itworks.com/portal/main.9310f6fe8bf3ce40.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:b800:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ff4a78009e4666bfc1d9df7459b4af5973a1203c293c3a6d63095224c972b912

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:08:26 GMT
content-encoding
gzip
via
1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
2821
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
4625
last-modified
Fri, 03 May 2024 19:08:20 GMT
server
AmazonS3
etag
"7388071e3356c9dfd159b7713fefc925"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
4ayr0VqEY3GamAxR0oyT56zlyZs3meZZVvaYSX2aixFTuYJGplQXVA==
b5b84745
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/b5b84745
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://itworks.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 05 May 2024 09:55:30 GMT
via
1.1 google
b5b84745
settings.luckyorange.com/
149 B
165 B
Fetch
General
Full URL
https://settings.luckyorange.com/b5b84745
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
x-lucky-uid
undefined
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
x-lucky-referrer
https://perfectbodywrap.itworks.com/
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:30 GMT
via
1.1 google
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf5992d8ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bc8911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bca911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bcc911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bcd911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bcf911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd1911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd2911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:30 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd3911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd4911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd5911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd6911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd7911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf59bd8911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
69 KB
18 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d65933fd01da8d87f8b30f4f7d92349b90cb5e1bbb236ffd47a3b03fc73eedff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
65
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
18161
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf5e9bf8ffa-FRA
expires
Sun, 05 May 2024 10:00:30 GMT
IW-Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/26a7e9ac-7580-40f3-bd90-590b86ea7c3b/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/26a7e9ac-7580-40f3-bd90-590b86ea7c3b/IW-Logo.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
910548fa5624b6a2ebb9e65e942a966115cd113c9f3f44c251ad15b34b87f533

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200025-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Fri, 02 Sep 2022 15:11:14 GMT
x-timer
S1714902931.888524,VS0,VE1
etag
0x8DA8CF560E4ACEF
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2599
x-cache-hits
4965, 0
icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100059-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Wed, 09 Aug 2023 17:14:17 GMT
x-timer
S1714902931.888526,VS0,VE2
etag
0x8DB98FC1030F36A
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2930
x-cache-hits
10867, 0
icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/
462 B
770 B
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000051-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Wed, 09 Aug 2023 17:14:49 GMT
x-timer
S1714902931.888135,VS0,VE1
etag
0x8DB98FC2354D19C
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
462
x-cache-hits
10702, 0
twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/
785 B
927 B
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Wed, 03 Apr 2024 14:28:37 GMT
x-timer
S1714902931.888541,VS0,VE1
etag
0x8DC53EA59EEDAB8
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
785
x-cache-hits
25, 0
icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200024-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Wed, 09 Aug 2023 17:15:55 GMT
x-timer
S1714902931.888512,VS0,VE1
etag
0x8DB98FC4AD3F6A5
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1193
x-cache-hits
21450, 0
Daily_Routine_WEB_tile%20link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/99249ef2-70e4-431e-8e9d-7b2b486bc835/
8 KB
9 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/99249ef2-70e4-431e-8e9d-7b2b486bc835/Daily_Routine_WEB_tile%20link.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2cd45b88dd4853790f6bbe31868533c78a2a968d5c17f5961fc8a829ae46dbf7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200177-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010251
x-timer
S1714902931.888516,VS0,VE2
etag
"dMkIQ3qOc8e3/7Qva4MtW/crhX6CCvU+MupdsWIyvd8"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=69486 idim=225x280 ifmt=png ofsz=8466 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8466
x-cache-hits
27, 0
Slimming%20Essentials%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/62aa665b-0af5-4c7d-86aa-8a35f2871cd9/
6 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/62aa665b-0af5-4c7d-86aa-8a35f2871cd9/Slimming%20Essentials%20Tile.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c78ef0542ca77fc9a13c737d610c4bde84d58a8d18a7cfd8a3d397a467b25b6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000107-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010215
x-timer
S1714902931.911339,VS0,VE2
etag
"dzch9KGLP5IYXNSjXxJx9dKZTMEzw+IAO/sXennerTs"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=38161 idim=225x280 ifmt=png ofsz=5932 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
5932
x-cache-hits
548, 0
Weight%20Control%20Deluxe%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ebb2a30c-0f30-410f-b608-890c76a69322/
6 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ebb2a30c-0f30-410f-b608-890c76a69322/Weight%20Control%20Deluxe%20Tile.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
79fa6442200868134c7be504c9b67aa02bc21d87fb82c5678be70904b2b5503e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200128-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010216
x-timer
S1714902931.911333,VS0,VE1
etag
"Z5OGZCseOi2bXkJT3um7uzam0MzrVERTzCHqS3/oZHI"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=48827 idim=225x280 ifmt=png ofsz=6170 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6170
x-cache-hits
18, 0
Weight%20Control%20Signature%20Tile.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3c9ca7c7-0cbd-4cae-9142-089ac6afec3a/
6 KB
7 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3c9ca7c7-0cbd-4cae-9142-089ac6afec3a/Weight%20Control%20Signature%20Tile.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a383cf4d75cc99cb2e430930b91c439721988c13449af37ab7b79f36e5bf5aca

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100101-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010229
x-timer
S1714902931.911865,VS0,VE2
etag
"nw8IWAsQ5H/oHb33nP9cvSYzl1xjHbEaWwDf5lSsmX0"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=49381 idim=225x280 ifmt=png ofsz=6448 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6448
x-cache-hits
10462, 0
healthy-gut-system-essentials-us-tile-link.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/91c04779-5acd-42e6-ab2d-4f901697407f/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/91c04779-5acd-42e6-ab2d-4f901697407f/healthy-gut-system-essentials-us-tile-link.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
82d71181f56d67dc6b1948b7be60e73b5ee02507fabf967277dc89bb0a43180f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000049-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010226
x-timer
S1714902931.911811,VS0,VE2
etag
"dRl2C1KNP+gUhy0vePFTCtuXLlb0w+1EATC5pBZbMbQ"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=21396 idim=225x280 ifmt=jpeg ofsz=3082 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3082
x-cache-hits
75, 0
healthy-gut-deluxe-system-us-tile-link.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/60ccf51e-c606-421f-a76b-ac63687ced71/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/60ccf51e-c606-421f-a76b-ac63687ced71/healthy-gut-deluxe-system-us-tile-link.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
83800c9207acaee11aeb214bf7e14b61f10f91c95900bb1b230740094f9adb33

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000164-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010251
x-timer
S1714902931.911825,VS0,VE1
etag
"NrenKd60/i5H1Zj7cRxW0+8Lj0JHiG4ZRJbRpDnPPcQ"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=25852 idim=225x280 ifmt=jpeg ofsz=3878 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3878
x-cache-hits
75, 0
healthy-gut-signature-systems-us-tile-link.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7aa8c095-39e4-47de-909f-b3f4146753cd/
5 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7aa8c095-39e4-47de-909f-b3f4146753cd/healthy-gut-signature-systems-us-tile-link.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bdc883a77381b1eed80e3c2790c8cae3e720ed3dd2342a6ca3da14f690268157

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200034-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010217
x-timer
S1714902931.911789,VS0,VE1
etag
"7ikKNwpc3Tp74UgqQV6ZiVdfT+OR9WHCegFnbeLw2Ys"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=32129 idim=225x280 ifmt=jpeg ofsz=4988 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4988
x-cache-hits
75, 0
Active%20Lifestyle_Essentials%20System_Active_Essentials.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/169c884d-39ac-4699-a384-a44e34781b25/
52 KB
52 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/169c884d-39ac-4699-a384-a44e34781b25/Active%20Lifestyle_Essentials%20System_Active_Essentials.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
23649b5d45272bed606232a4a56432ca77883c59f635d586ad2404917fccdfaa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100032-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-mnz1300720
x-timer
S1714902931.911806,VS0,VE1
etag
"g1MAoGBW8PC3PwZyblLO6155K70F/gWX5Hca8ZeH+W4"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=660545 idim=1081x1081 ifmt=png ofsz=53310 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
53310
x-cache-hits
4774, 0
Active%20Lifestyle_System_Active_Deluxe%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b588659d-7d58-4fdb-98e4-ea8f85700f3b/
49 KB
49 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b588659d-7d58-4fdb-98e4-ea8f85700f3b/Active%20Lifestyle_System_Active_Deluxe%20System.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3d42f70049ebfee9a879aeba1e4dbd0c94286164d2f96adc6fd73b29c86eb032

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200058-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
x-timer
S1714902931.911772,VS0,VE2
etag
"cOz7P8Ud6qbgg3Ikwc0seL6ZDofKEM//hAH4LEAFIW4"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=676583 idim=1081x1081 ifmt=png ofsz=50458 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
50458
x-cache-hits
9740, 0
Active%20Lifestyle_System_Active_Signature.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c8cf8717-fef4-465a-b7bd-99bb7478e4e9/
43 KB
44 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c8cf8717-fef4-465a-b7bd-99bb7478e4e9/Active%20Lifestyle_System_Active_Signature.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
887a325777f013f020501c7db8fcfca2eceea89a66b129f5d3c4608124ae5d83

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000066-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
x-timer
S1714902931.912789,VS0,VE1
etag
"vMiOvck7YzByG2HSzgY8uF2bjEXe9yCk+p5ptja0fKw"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=553946 idim=1081x1081 ifmt=png ofsz=44450 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
44450
x-cache-hits
10429, 0
Simplypure%20Collection%20US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/daae86b2-0713-41d1-a8b9-e8da0c44190e/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/daae86b2-0713-41d1-a8b9-e8da0c44190e/Simplypure%20Collection%20US.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
941471be3ed659eb42f3a2e159b3e29151dc766576e1cd29b71950f4a8e76f91

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200028-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-mnz1300705
x-timer
S1714902931.913154,VS0,VE2
etag
"KULF8JTKb9t0+BQTop97HxdEbprvJAbej4OeB5NjF0o"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=34831 idim=225x280 ifmt=png ofsz=3218 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3218
x-cache-hits
4264, 0
hair-and-body-set-tile-link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ae2bf8f4-e605-49db-bb67-6bcf035d9f0f/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ae2bf8f4-e605-49db-bb67-6bcf035d9f0f/hair-and-body-set-tile-link.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
058d4da2552f04cfdfdecc03a38df9bd9e857321a810306ce3907aad25d859d8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100168-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-mnz1300719
x-timer
S1714902931.912514,VS0,VE2
etag
"5D5avtMD6rB9WrejZAdRi9MNVe+4FITYbUva8PRWr48"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=28406 idim=225x280 ifmt=png ofsz=3096 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3096
x-cache-hits
18065, 0
418201-root-revival-set-tile-link.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/16449232-ec24-4d58-9454-8b7e867a5aa1/
8 KB
8 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/16449232-ec24-4d58-9454-8b7e867a5aa1/418201-root-revival-set-tile-link.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
530f1dde02a66daaa50088341941102d99e7a182280036ec9dc2c6c9c7cf0d21

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000040-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-mnz1300719
x-timer
S1714902931.912416,VS0,VE1
etag
"LwkdmfAjdS7gZKga93HujhPRsjNSSO8VTT44/1ERVEs"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=69120 idim=225x280 ifmt=png ofsz=8428 odim=225x280 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
8428
x-cache-hits
4168, 0
31104VALUE-SuperGreens%2B_OTG_Berry-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/020866f5-1c52-4647-b0fb-001f5fd7a455/
45 KB
46 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/020866f5-1c52-4647-b0fb-001f5fd7a455/31104VALUE-SuperGreens%2B_OTG_Berry-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa5f319abf4fec3ec9cfcb2dbccbf3f876e34b7a91061d3c98180222dcfa2d17

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000057-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
x-timer
S1714902931.912419,VS0,VE2
etag
"WzmPMY9wR4RJioPh9uKq+nRdp2V+VP4E3y87P20ISFw"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=213306 idim=1081x1081 ifmt=png ofsz=46444 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46444
x-cache-hits
1029, 0
38601VALUE-Skinny-Proffee-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2ecc726-ac33-41e0-997a-9dd8786630b9/
115 KB
116 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2ecc726-ac33-41e0-997a-9dd8786630b9/38601VALUE-Skinny-Proffee-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d61b28fa7eeed4d6714bea600452aec950028bb55febf6b21d9ca38157ff7ee7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200144-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010227
x-timer
S1714902931.912398,VS0,VE1
etag
"cHu9wpLVe2HVBxpo86fejUtrbFXNFCE5RDA//7zsTdw"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=386701 idim=1081x1081 ifmt=png ofsz=117996 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
117996
x-cache-hits
1651, 0
37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/
45 KB
45 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
31e71dc9daeb2cc9e8f98bc38f78f9bd9d1f3d3f8d3ed9631e3b13e3de70137c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000056-IAD, cache-fra-etou8220123-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-mnz1300712
x-timer
S1714902931.912342,VS0,VE1
etag
"gJxZWRXQQUvfhhkkYkySXRo1W/dc1KPAce5DKzs4IoU"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=271713 idim=1081x1081 ifmt=png ofsz=46328 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
46328
x-cache-hits
2011, 0
ico-caret-down.svg
itworks.com/portal/
193 B
537 B
Image
General
Full URL
https://itworks.com/portal/ico-caret-down.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
7b332c71515a908fe98cd6073f2e36ce95b381b391121aa7603b93400314d530
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"c1-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bbf5911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
us.svg
itworks.com/portal/
4 KB
1 KB
Image
General
Full URL
https://itworks.com/portal/us.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"116d-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bbf8911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
ico-search.svg
itworks.com/portal/
625 B
717 B
Image
General
Full URL
https://itworks.com/portal/ico-search.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"271-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bbfa911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
ico-user.svg
itworks.com/portal/
837 B
825 B
Image
General
Full URL
https://itworks.com/portal/ico-user.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"345-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bbfb911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
ico-bag.svg
itworks.com/portal/
553 B
709 B
Image
General
Full URL
https://itworks.com/portal/ico-bag.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"229-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bbfe911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
ico-close-small-white.svg
itworks.com/portal/
383 B
621 B
Image
General
Full URL
https://itworks.com/portal/ico-close-small-white.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"17f-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bc00911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
loader.svg
itworks.com/portal/
829 B
784 B
Image
General
Full URL
https://itworks.com/portal/loader.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"33d-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf5bc02911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 04 May 2024 02:38:24 GMT
x-content-type-options
nosniff
age
112626
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7900
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 May 2025 02:38:24 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 07:57:28 GMT
x-content-type-options
nosniff
age
439082
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7992
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 07:57:28 GMT
Inter-roman.var.woff2
itworks.com/portal/
222 KB
222 KB
Font
General
Full URL
https://itworks.com/portal/Inter-roman.var.woff2?v=3.19
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
227180
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"3776c-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87efdaf5dc12911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf66a8e8ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230101-FRA
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf66a928ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf66a938ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230101-FRA
untitled_content_item_b08b0f7
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_b08b0f7?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf68ac08ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
untitled_content_item_b668eee
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_b668eee?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf68ac38ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf68ac58ffa-FRA
date
Sun, 05 May 2024 09:55:30 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230101-FRA
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf63c64911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf63c67911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
products
services.itworks.com/product/v1/categories/best-sellers/
13 KB
2 KB
XHR
General
Full URL
https://services.itworks.com/product/v1/categories/best-sellers/products?country=US&language=en&customerType=LC&orderType=Shopping
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46501ee0dd7b58070d4be291149e8f083e557fca9636dbaf798a5786a392030
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

correlationid
01a6cb6e915647a9c8da58dc1ce8ffa6
messageid
ffe5f205-beb6-4ec7-b62b-3c91c312d4fa
date
Sun, 05 May 2024 09:55:30 GMT
content-encoding
gzip
strict-transport-security
max-age=2592000
cf-cache-status
HIT
age
216
alt-svc
h3=":443"; ma=86400
xdebug
S:
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation
S:True
xpassedapikey
S:
last-modified
Sun, 05 May 2024 09:51:54 GMT
server
cloudflare
xpassedheaderkey
S:
xpassedquerykey
S:
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
xoriginalurl
S:services.itworks.com
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-expose-headers
CorrelationId
cf-ray
87efdaf64e0e5d3a-FRA
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf65ca1911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf65ca3911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
43 KB
10 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e88d4eafa0946e80219e0273a45c0b82660735ec22a3f7e1fa5d323e01bce0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
30
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
10347
x-served-by
cache-fra-eddf8230063-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6ab138ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
untitled_content_item_7eaf584
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
5 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_7eaf584?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
017c48c0fb4519c1217d28f368a06028ffab2c5f893d4dffe1c74fc47c7aabbc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
5
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
1678
x-served-by
cache-fra-eddf8230055-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6ab118ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
1 KB
976 B
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
1
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
621
x-served-by
cache-fra-eddf8230038-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6ab148ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67cad911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67caf911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67cb2911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67cb5911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67cb7911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf67cbb911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
untitled_content_item_b08b0f7
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_b08b0f7?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6585b2e1e41bd245f2b3d747728c4b8d790ac1a478486ffd7355a5251bb5a7ff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
2
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
890
x-served-by
cache-fra-eddf8230136-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6cb398ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
untitled_content_item_b668eee
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_b668eee?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7eb9f44ac256d3b20132af25de649a924dc6549f793a914fd7b65976866065cd

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
2
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
887
x-served-by
cache-fra-eddf8230078-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6cb478ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baac71d6cf217c8f172d06950694f10a6ea8d8f56a6414a5b5b0306a1b654b84

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
2
age
218
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
981
x-served-by
cache-fra-eddf8230050-FRA
last-modified
Sun, 05 May 2024 09:51:53 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf6cb528ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf68cc8911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf68cc9911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
WrapRebrand_Banner_4096x1862.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/
265 KB
266 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/fc56eef0-4fae-41d8-9ba7-7688b4bb8761/WrapRebrand_Banner_4096x1862.jpg?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cfcd1974fa5bc2dbdbbb2f3a5dfabcaf673f49c10e94c2c7d54682a586f627ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000163-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010214
x-timer
S1714902931.971876,VS0,VE1
etag
"VLb/VroV8MpwQI5UWQQ128aRRz7L2OqWnLXktWLQUsM"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=2513168 idim=4096x1862 ifmt=jpeg ofsz=271594 odim=4096x1862 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
271594
x-cache-hits
13, 0
Weight%20Control%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/
25 KB
26 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/Weight%20Control%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010246
x-timer
S1714902931.976759,VS0,VE1
etag
"6139G8ADMhfDfdAHKpSkTmBTibpZznub5xJFiVn5ICo"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=5724952 idim=4096x2304 ifmt=jpeg ofsz=25744 odim=1080x608 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
25744
x-cache-hits
32, 0
Gut%20Health%2016.9%20%28new%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5894e2b3-30b2-47d6-bdec-25047628fd1e/
46 KB
46 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5894e2b3-30b2-47d6-bdec-25047628fd1e/Gut%20Health%2016.9%20%28new%29.png?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
72a6b1f702133de22be12627d3485179ef1ebf79aa71d94a5ab249ae83cfd82f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000176-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010228
x-timer
S1714902931.976879,VS0,VE2
etag
"ixF2mp+80B0Q+8KSQnfOi+nbFWU3zaMGli3+XINVKPk"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=6746940 idim=3601x2026 ifmt=png ofsz=47202 odim=1080x608 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
47202
x-cache-hits
32, 0
Active%20Lifestyle%2016.9%202%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/
39 KB
39 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/Active%20Lifestyle%2016.9%202%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100117-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010248
x-timer
S1714902931.976996,VS0,VE3
etag
"+cGZuomO2WrYecWhYE03PLPHVNMrGiPaUc9cfjGE+s0"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=8855564 idim=6953x3911 ifmt=png ofsz=39654 odim=1080x607 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
39654
x-cache-hits
31, 0
Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/
19 KB
20 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200096-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010251
x-timer
S1714902931.977927,VS0,VE2
etag
"G+ugCUaixmYEFWvoSCN7vn0Tvc3/imD3E1yoYshZUqs"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=259808 idim=992x559 ifmt=png ofsz=19816 odim=992x559 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
19816
x-cache-hits
17, 0
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
87 KB
87 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010246
x-timer
S1714902931.977341,VS0,VE1
etag
"lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
89072
x-cache-hits
27, 0
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
76 KB
76 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010211
x-timer
S1714902931.977377,VS0,VE2
etag
"oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
77820
x-cache-hits
7, 0
MothersDay-BOGO-promo-US-CA.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c6383d20-b31e-4bf7-be88-fbc232de09cd/
59 KB
59 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c6383d20-b31e-4bf7-be88-fbc232de09cd/MothersDay-BOGO-promo-US-CA.png?w=1056&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b12b30d5c990cc4c226b9a056d3c84f30c46cd82c1ae169f2f466048bebe5d03

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000038-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010217
x-timer
S1714902931.977588,VS0,VE1
etag
"7BhbHbS8Ubw4hHZGnuSlW2w/WjPY+2FvyOjn2o3tZp8"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=1554277 idim=1350x1080 ifmt=png ofsz=60002 odim=1056x845 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
60002
x-cache-hits
4, 0
FIRM_2277-X2%201%20what%27s%20new%20spotlight%202.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c44b5366-adf9-4608-b7d5-e636df4ab1e9/
25 KB
26 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c44b5366-adf9-4608-b7d5-e636df4ab1e9/FIRM_2277-X2%201%20what%27s%20new%20spotlight%202.png?w=1056&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6639ff17ba6252dec4719995a634e5f7973b71eddee1f430dcf88829817b12e8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200161-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010231
x-timer
S1714902931.977608,VS0,VE1
etag
"qU6+bZA32NMXRglEEQwcP3bwO7gdcfWm4n7U2kGQkJA"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=271589 idim=544x435 ifmt=png ofsz=26078 odim=544x435 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
26078
x-cache-hits
13, 0
POTM-Greens-Spotlight_US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2cbd312-0b1c-4b8f-8677-85db97e3ad12/
44 KB
45 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e2cbd312-0b1c-4b8f-8677-85db97e3ad12/POTM-Greens-Spotlight_US.png?w=1056&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e02dfb4d7e3ba3d0d2bccc5a2581ff6e33957c7c502adf794df7ce824ba8c43d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100088-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
fastly-io-served-by
vpop-kiad7010213
x-timer
S1714902931.977903,VS0,VE3
etag
"LL/9/YkyH4Yc5Y/D4iwdZOlX0oEt43aKeX+VmYCdVIg"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=1969127 idim=1350x1080 ifmt=png ofsz=45340 odim=1056x845 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
45340
x-cache-hits
51, 1
tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000102-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Tue, 07 Nov 2023 21:51:52 GMT
x-timer
S1714902931.978741,VS0,VE1
etag
0x8DBDFDBC0C24953
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1160
x-cache-hits
1528, 0
lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/
1 KB
2 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200116-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Thu, 08 Feb 2024 18:01:52 GMT
x-timer
S1714902931.978677,VS0,VE1
etag
0x8DC28D007CEFB54
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
1362
x-cache-hits
4, 0
handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/
4 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Thu, 08 Feb 2024 18:05:37 GMT
x-timer
S1714902931.978471,VS0,VE1
etag
0x8DC28D08D987F23
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4560
x-cache-hits
24, 0
diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:30 GMT
last-modified
Thu, 08 Feb 2024 18:04:29 GMT
x-timer
S1714902931.978669,VS0,VE1
etag
0x8DC28D064DCF562
x-cache
HIT, HIT
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
4248
x-cache-hits
10206, 0
pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 30 Apr 2024 08:03:41 GMT
x-content-type-options
nosniff
age
438710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7844
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Apr 2025 08:03:41 GMT
loader-dark.svg
itworks.com/portal/
839 B
786 B
Image
General
Full URL
https://itworks.com/portal/loader-dark.svg
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
544c6fde043c912bbdd51bb76887ddffd0706c38d5d67d89f5da1362216d95f6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
content-encoding
gzip
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"347-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=14400
access-control-allow-credentials
true
cf-ray
87efdaf6bcf4911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
MaterialSymbolsOutlined.woff2
itworks.com/assets/material-design-icons/
3 MB
3 MB
Font
General
Full URL
https://itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
REVALIDATED
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
3052540
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:40 GMT
server
cloudflare
etag
W/"2e93fc-18f3f6fc280"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87efdaf72d4c911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
fa-solid-900.woff2
itworks.com/portal/
49 KB
50 KB
Font
General
Full URL
https://itworks.com/portal/fa-solid-900.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/portal/styles.bf2051ff17f3ef0a.css
Origin
https://itworks.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status
MISS
x-powered-by
Express
alt-svc
h3=":443"; ma=86400
content-length
50388
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Fri, 03 May 2024 17:10:32 GMT
server
cloudflare
etag
W/"c4d4-18f3f6fa340"
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
font/woff2
access-control-allow-origin
https://itworks.com
cache-control
public, max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
87efdaf72d4e911e-FRA
expires
Sun, 05 May 2024 13:55:31 GMT
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38401,30206,38701VALUE,33404VALUE,38901VALUE,35200VALUE,36801VALUE,38101,32602&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color&depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf72bca8ffa-FRA
date
Sun, 05 May 2024 09:55:31 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230155-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
12 KB
3 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38401,30206,38701VALUE,33404VALUE,38901VALUE,35200VALUE,36801VALUE,38101,32602&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color&depth=99&language=en-US
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e46683a93a551978fdf745e1f09eeab083677b9ff89f5ac81ac643fca24f19c7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
10
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
2965
x-served-by
cache-fra-eddf8230063-FRA
last-modified
Sun, 05 May 2024 09:51:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf76c2b8ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf75d8d911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf78db3911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf78dbc911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
log
itworks.com/api/
0
151 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:31 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://itworks.com
access-control-allow-credentials
true
cf-ray
87efdaf79dc1911e-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
87efdaf85d738ffa-FRA
date
Sun, 05 May 2024 09:55:31 GMT
retry-after
0
server
cloudflare
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230101-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
3 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34149706cd054418fe308bd37af5e5a1b7f4526b48351140c831133809c30dee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

x-cache-hits
0
date
Sun, 05 May 2024 09:55:31 GMT
content-encoding
gzip
cf-cache-status
HIT
x-request-charge
1
age
217
x-cache
HIT
alt-svc
h3=":443"; ma=86400
content-length
1091
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Sun, 05 May 2024 09:51:54 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control
public, max-age=300
x-stale-content
0
accept-ranges
bytes
cf-ray
87efdaf8add78ffa-FRA
expires
Sun, 05 May 2024 10:00:31 GMT
36405-SKNY-Gummies-1080x1080px-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/
36 KB
36 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/36405-SKNY-Gummies-1080x1080px-US.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
98a18a65d3515818352fb67eb8529f28f7c244d0e985a0b5327b00eb630a5fbb

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200072-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-kiad7010213
x-timer
S1714902931.261894,VS0,VE2
etag
"KCye4rcIFemAeC6UoRS5frHbsz2ad4jbrT2CjzX1lY8"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=383385 idim=1080x1080 ifmt=png ofsz=36666 odim=1080x1080 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
36666
x-cache-hits
28, 0
38401-SLMR-1080x1080px.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/68f85b05-9779-45e2-a87c-8fe984b46348/
41 KB
41 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/68f85b05-9779-45e2-a87c-8fe984b46348/38401-SLMR-1080x1080px.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ecf86695ff28024a395254cf011c1bd93d354c6edc4dc51ec6670e6145526abe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100161-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
x-timer
S1714902931.261986,VS0,VE1
etag
"KDJ3/salS3ZeWEQzQ3vnjduaRppPJ7m83URB7bZTkbs"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=549923 idim=1081x1081 ifmt=png ofsz=42128 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
42128
x-cache-hits
5057, 0
Listing%20Image-TFXX.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/
38 KB
38 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/Listing%20Image-TFXX.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
237abadacd16b6615ca3aaa560fc0c7e2c709d97256c5dc8a21b4c5dc1d2b845

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000068-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-kiad7010229
x-timer
S1714902931.262534,VS0,VE1
etag
"TB9fxRLX6LKSLkyz/6aWWld36L2f5k4xEzfE/J+v8wQ"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=418766 idim=1080x1080 ifmt=png ofsz=38458 odim=1080x1080 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
38458
x-cache-hits
101, 0
Listing%20Image-FLAT.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/Listing%20Image-FLAT.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e7032d47d8900347d5167a6308ffd161260e8e09fee4b554f241b707c317038

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-kiad7010247
x-timer
S1714902931.262546,VS0,VE1
etag
"a7wFtcdkxjLa/krIQQu/F1z6m1m5rKq2yysYbYS4MtM"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=393488 idim=1080x1080 ifmt=png ofsz=27670 odim=1080x1080 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
27670
x-cache-hits
54, 0
33404VALUE-Keto-Coffee-Original-1080x1080px.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/
54 KB
54 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/33404VALUE-Keto-Coffee-Original-1080x1080px.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
38a056694ebd7e7d1261e0d29f63b992b8352ca61ced5bbea0a077409213c24b

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-mnz1300716
x-timer
S1714902931.262679,VS0,VE2
etag
"jWvuEpS+E6l61p00I0x/3UAWaR0iCrChSvagmCgX+Ew"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=771916 idim=1081x1081 ifmt=png ofsz=55162 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
55162
x-cache-hits
1858, 0
BRN%2B_1080x1080_listing%20image.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/
31 KB
32 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/BRN%2B_1080x1080_listing%20image.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
768452f0ba61f4c89cc5f0834315775d546f3293f00d6ab6cc1884d3e3ff9ee1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100073-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-kiad7010251
x-timer
S1714902931.263005,VS0,VE1
etag
"pm9Ew3IrpKmN5s7I6LSwyGLuXSuCUg9B5quun4EFFX8"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=298814 idim=1080x1080 ifmt=png ofsz=32210 odim=1080x1080 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
32210
x-cache-hits
97, 0
35200-Skinny-Brew-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/
66 KB
67 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/35200-Skinny-Brew-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d2ca1afebf67c543b12fdd6f3e8874cd8b04c42da4b87c745c3e7f811e148198

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000085-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
x-timer
S1714902931.262979,VS0,VE1
etag
"UDUY0+ixKHu2U2jRyftu6ZE+U2w/Fd3L2dm99AHg2BA"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=1120093 idim=1081x1081 ifmt=png ofsz=67860 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
67860
x-cache-hits
4295, 0
36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/
71 KB
71 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3307ff3c4c11fa4f38be345a5abdd2c7ba8157f707393fa78a371b796048efe

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kiad7000077-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-mnz1300713
x-timer
S1714902931.262957,VS0,VE1
etag
"SqmcRf+Wu6HhOE8r8GlSNZWyQASHefk8UgGysQL59tY"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=1069443 idim=1080x1061 ifmt=png ofsz=72552 odim=1080x1061 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
72552
x-cache-hits
8885, 0
38101-Simply-Aloe-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2834d8f5-1767-4127-a751-53c318a1b983/
33 KB
34 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2834d8f5-1767-4127-a751-53c318a1b983/38101-Simply-Aloe-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6ceb540a5ce63c853035a4132239b1ec79c58eccf69162f474e86f7b15dbfd71

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kcgs7200049-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
x-timer
S1714902931.263269,VS0,VE1
etag
"XE/oQ+ZVL/wI5PR3Q/fgBZ1N80OJD1q6X05eBBM/gos"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=316872 idim=1081x1081 ifmt=png ofsz=34260 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34260
x-cache-hits
2224, 0
32602-Cleanse-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/570f216a-b4e2-4605-ae04-5053bb9fdb6b/
45 KB
45 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/570f216a-b4e2-4605-ae04-5053bb9fdb6b/32602-Cleanse-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.1.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6be009a25bb7b47f2ebe523e4b55ea02f4957bcbd3e2b99afa79607f2d68a4a8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-iad-kjyo7100061-IAD, cache-fra-etou8220096-FRA
date
Sun, 05 May 2024 09:55:31 GMT
fastly-io-served-by
vpop-mnz1300703
x-timer
S1714902931.263351,VS0,VE1
etag
"/cEzkK71RcSQLLew6gdrXw1We/Iy/3fBP8aab53jtM4"
x-cache
HIT, HIT
content-type
image/webp
fastly-io-info
ifsz=758589 idim=1081x1081 ifmt=png ofsz=45828 odim=1081x1081 ofmt=webp
access-control-allow-origin
*
cache-control
public, immutable, max-age=31536000
fastly-stats
io=1
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
45828
x-cache-hits
1292, 0
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Sun, 05 May 2024 09:55:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/
0
359 B
XHR
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.82a2842c2492498d.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.12.154 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-12-154.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
X-LaunchDarkly-Payload-ID
9c18c9c0-0ac5-11ef-9ba7-65655de0a163
X-LaunchDarkly-Event-Schema
4
Accept-Language
de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent
JSClient/3.1.4
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://itworks.com/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 05 May 2024 09:55:33 GMT
strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-allow-methods
POST,OPTIONS
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length
0
common.js
maps.googleapis.com/maps-api-v3/api/js/56/11/intl/de_ALL/
256 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/11/intl/de_ALL/common.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
sffe /
Resource Hash
48efc04cd4444974b4fac7b6b2c4bdaf51fa08686b83eb6958fbef35edfca0c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
230072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57232
x-xss-protection
0
last-modified
Thu, 02 May 2024 04:26:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 May 2025 18:01:00 GMT
util.js
maps.googleapis.com/maps-api-v3/api/js/56/11/intl/de_ALL/
183 KB
56 KB
Script
General
Full URL
https://maps.googleapis.com/maps-api-v3/api/js/56/11/intl/de_ALL/util.js
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
sffe /
Resource Hash
306725c6746871222f61d00685232eab79b2bd17ea4840391c6fbf66686c7d18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://itworks.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 02 May 2024 18:01:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
230072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57217
x-xss-protection
0
last-modified
Thu, 02 May 2024 04:26:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="maps-api-js"
vary
Accept-Encoding, Origin
report-to
{"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 May 2025 18:01:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4510v890894587za200&_p=1714902922748&gcs=G111&gcd=13r3r3r2r5&npa=0&dma_cps=sypham&dma=1&cid=397942158.1714902923&ecid=522978045&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.118%7CGoogle%2520Chrome%3B124.0.6367.118%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=noapi&_eu=EA&_s=5&sid=1714902923&sct=1&seg=0&dl=https%3A%2F%2Fperfectbodywrap.itworks.com%2F&dt=It%20Works!&en=user_engagement&_et=1564&tfd=6387
Domain
perfectbodywrap.itworks.com
URL
https://perfectbodywrap.itworks.com/cdn-cgi/rum?

Verdicts & Comments Add Verdict or Comment

185 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga function| onGoogleMapsLoad function| $ function| jQuery object| google object| module$exports$mapsapi$geometry$spherical object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| google_tag_data object| gaplugins object| google_tag_manager object| onYouTubeIframeAPIReady object| gaGlobal object| webpackChunkportal function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononYouTubeIframeAPIReadypatched function| __zone_symbol__queueMicrotask object| CQPolyfill object| __core-js_shared__ object| Sailthru function| SwiperElementRegisterParams object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__loadfalse object| __zone_symbol__pagehidefalse object| __cfBeacon object| __zone_symbol__visibilitychangetrue object| __zone_symbol__prerenderingchangetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue object| __zone_symbol__pagehidetrue object| __zone_symbol__loadtrue function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers object| __zone_symbol__scrollfalse object| LO function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

12 Cookies

Domain/Path Name / Value
.perfectbodywrap.itworks.com/ Name: ARRAffinity
Value: 97cd66d864ee5d0f6349651037f6b7bb631548168f8bd11c0445e241aa8530b8
.perfectbodywrap.itworks.com/ Name: ARRAffinitySameSite
Value: 97cd66d864ee5d0f6349651037f6b7bb631548168f8bd11c0445e241aa8530b8
.itworks.com/ Name: toggle-user
Value: US-en-RC-08
.itworks.com/ Name: cf_clearance
Value: TT3YYddsPUZMFelNZlJsWuY0ejr43MOVm4S5N6gLpG0-1714902924-1.0.1.1-tz2BeWifhSf2c0vpI3WdR6jmJGw2Rplo93OgGF5.cNlWkmy4VwhhNCGx7ha1y3DnQRcR.jTq_sYqukzgLrl0Ng
.itworks.com/ Name: IWGSessionGuid
Value: {8A6638F2-6A1A-4079-ABE7-7340B23FD589}
.itworks.com/ Name: IWGDetectedLocale
Value: en-US
.itworks.com/ Name: IWGCountrySlug
Value: US
.itworks.com/ Name: IWGLanguageSlug
Value: en
.itworks.com/ Name: _ga
Value: GA1.1.397942158.1714902923
.itworks.com/ Name: ARRAffinity
Value: 97cd66d864ee5d0f6349651037f6b7bb631548168f8bd11c0445e241aa8530b8
.itworks.com/ Name: ARRAffinitySameSite
Value: 97cd66d864ee5d0f6349651037f6b7bb631548168f8bd11c0445e241aa8530b8
.itworks.com/ Name: _ga_B9ZCN4XJNP
Value: GS1.1.1714902923.1.0.1714902929.57.0.522978045

1 Console Messages

Source Level URL
Text
network error URL: https://services.itworks.com/customer/v1/profiles/perfectbodywrap
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
d20519brkbo4nz.cloudfront.net
events.launchdarkly.com
fonts.gstatic.com
itworks.com
maps.googleapis.com
perfectbodywrap.itworks.com
perfectbodywrap.myitworks.com
region1.analytics.google.com
region1.google-analytics.com
services.itworks.com
settings.luckyorange.com
static.cloudflareinsights.com
static.myitworks.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
perfectbodywrap.itworks.com
region1.analytics.google.com
104.18.16.131
13.248.151.210
142.250.181.227
142.250.74.195
151.101.1.91
151.101.130.217
172.217.18.10
2001:4860:4802:34::36
216.239.34.36
2600:9000:211e:b800:18:6c16:27c0:93a1
2606:4700::6810:4f49
2606:4700::6812:1083
2606:4700::6812:1179
2606:4700::6812:1183
2a00:1450:4001:806::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c02::9b
2a04:4e42:400::347
2a04:4e42:600::649
34.107.203.234
34.194.12.154
017c48c0fb4519c1217d28f368a06028ffab2c5f893d4dffe1c74fc47c7aabbc
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da
058d4da2552f04cfdfdecc03a38df9bd9e857321a810306ce3907aad25d859d8
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
09feb63448ffff7fcaceb5419ee6bd1a3adff40531f7365820d382194ebce617
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b
0f063daedc9dd024b13b139a8e7b87729690ea6a10e5fa87b456d5c2b0040b76
0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384
1395f7fdc86faa8477ae13bf894d66e08e73ba590f69cfd031a546d0e6b4592a
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028
1f4ee8728698e668652f8f6c22a3a62b882f773a7f5a9d6c4628c6aac30b9319
2340785a8a57f3f5e73e8d18f3556d444c0ddfc960c213225be49cecfeb435a2
23649b5d45272bed606232a4a56432ca77883c59f635d586ad2404917fccdfaa
237abadacd16b6615ca3aaa560fc0c7e2c709d97256c5dc8a21b4c5dc1d2b845
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
2cd45b88dd4853790f6bbe31868533c78a2a968d5c17f5961fc8a829ae46dbf7
306725c6746871222f61d00685232eab79b2bd17ea4840391c6fbf66686c7d18
31e71dc9daeb2cc9e8f98bc38f78f9bd9d1f3d3f8d3ed9631e3b13e3de70137c
34149706cd054418fe308bd37af5e5a1b7f4526b48351140c831133809c30dee
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7
38a056694ebd7e7d1261e0d29f63b992b8352ca61ced5bbea0a077409213c24b
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
3d42f70049ebfee9a879aeba1e4dbd0c94286164d2f96adc6fd73b29c86eb032
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
48efc04cd4444974b4fac7b6b2c4bdaf51fa08686b83eb6958fbef35edfca0c2
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f
530f1dde02a66daaa50088341941102d99e7a182280036ec9dc2c6c9c7cf0d21
544c6fde043c912bbdd51bb76887ddffd0706c38d5d67d89f5da1362216d95f6
5450b14c8c05863b29a4c0576d6c21c34e2e15a2713eaac85c2e184c892c70e5
554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
63e88d4eafa0946e80219e0273a45c0b82660735ec22a3f7e1fa5d323e01bce0
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a
6585b2e1e41bd245f2b3d747728c4b8d790ac1a478486ffd7355a5251bb5a7ff
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c
6639ff17ba6252dec4719995a634e5f7973b71eddee1f430dcf88829817b12e8
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf
6be009a25bb7b47f2ebe523e4b55ea02f4957bcbd3e2b99afa79607f2d68a4a8
6ceb540a5ce63c853035a4132239b1ec79c58eccf69162f474e86f7b15dbfd71
6e7032d47d8900347d5167a6308ffd161260e8e09fee4b554f241b707c317038
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b
72a6b1f702133de22be12627d3485179ef1ebf79aa71d94a5ab249ae83cfd82f
768452f0ba61f4c89cc5f0834315775d546f3293f00d6ab6cc1884d3e3ff9ee1
79fa6442200868134c7be504c9b67aa02bc21d87fb82c5678be70904b2b5503e
7b332c71515a908fe98cd6073f2e36ce95b381b391121aa7603b93400314d530
7c13346da4ca7a2e62aba18c1721b149fbc549299aa418579a059da0366684d6
7eb9f44ac256d3b20132af25de649a924dc6549f793a914fd7b65976866065cd
82d71181f56d67dc6b1948b7be60e73b5ee02507fabf967277dc89bb0a43180f
83800c9207acaee11aeb214bf7e14b61f10f91c95900bb1b230740094f9adb33
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
887a325777f013f020501c7db8fcfca2eceea89a66b129f5d3c4608124ae5d83
8bac3aecd8f65442ee70c15442ee742d0261e0c576eaf85ebc39049a5191ae97
9095efdc7bec4800ab9884a18d5366f22e9ce6aca39d13d57b909092909405df
910548fa5624b6a2ebb9e65e942a966115cd113c9f3f44c251ad15b34b87f533
941471be3ed659eb42f3a2e159b3e29151dc766576e1cd29b71950f4a8e76f91
977459df5c51a07861a7365d84554211b66266165f446c654b0084a41a1d9ea3
98a18a65d3515818352fb67eb8529f28f7c244d0e985a0b5327b00eb630a5fbb
9c78ef0542ca77fc9a13c737d610c4bde84d58a8d18a7cfd8a3d397a467b25b6
a383cf4d75cc99cb2e430930b91c439721988c13449af37ab7b79f36e5bf5aca
a46501ee0dd7b58070d4be291149e8f083e557fca9636dbaf798a5786a392030
a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b
aa5f319abf4fec3ec9cfcb2dbccbf3f876e34b7a91061d3c98180222dcfa2d17
ace251c08ca366b0dc46563885601cb9faa13f9dfedbf128f0575f62eef0932d
b12b30d5c990cc4c226b9a056d3c84f30c46cd82c1ae169f2f466048bebe5d03
b56736f671054035c9868da2d1e4f10fb44b0ff94e3576e6b575c79482d03813
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
baac71d6cf217c8f172d06950694f10a6ea8d8f56a6414a5b5b0306a1b654b84
bdc883a77381b1eed80e3c2790c8cae3e720ed3dd2342a6ca3da14f690268157
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc
c70ba1cb67cc649da2b1f5dc4a26891437d8bba2cc098c88461e6bfc23949d9e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d
cfcd1974fa5bc2dbdbbb2f3a5dfabcaf673f49c10e94c2c7d54682a586f627ee
d2ca1afebf67c543b12fdd6f3e8874cd8b04c42da4b87c745c3e7f811e148198
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d61b28fa7eeed4d6714bea600452aec950028bb55febf6b21d9ca38157ff7ee7
d65933fd01da8d87f8b30f4f7d92349b90cb5e1bbb236ffd47a3b03fc73eedff
d659f25a60bc15cece7122cd53c0f57d0348eb44243ae47b3ac8a6b11deed6cd
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e02dfb4d7e3ba3d0d2bccc5a2581ff6e33957c7c502adf794df7ce824ba8c43d
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92
e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef
e3307ff3c4c11fa4f38be345a5abdd2c7ba8157f707393fa78a371b796048efe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46683a93a551978fdf745e1f09eeab083677b9ff89f5ac81ac643fca24f19c7
e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6
ecf86695ff28024a395254cf011c1bd93d354c6edc4dc51ec6670e6145526abe
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f110fba976a69b025e229418bcea2eb685ceb52d7d3f6488b6a86aaa323d7308
f74948e2f0707b6f12a69456218dc337036bc0f1d17538a0fdb98aaf16e8dd0c
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693
ff4a78009e4666bfc1d9df7459b4af5973a1203c293c3a6d63095224c972b912