www.pathwaystowellnessmn.org Open in urlscan Pro
69.167.154.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://pathwaystowellnessmn.org/
Effective URL:
https://www.pathwaystowellnessmn.org/
Submission: On December 07 via manual (December 7th 2022, 8:20:05 pm UTC) from US — Scanned from DE

Summary HTTP 26 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 26 HTTP transactions. The main IP is 69.167.154.48, located in United States and belongs to LIQUIDWEB, US. The main domain is www.pathwaystowellnessmn.org.
TLS certificate: Issued by R3 on November 29th 2022. Valid for: 3 months.

This is the only time www.pathwaystowellnessmn.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 18	69.167.154.48 69.167.154.48	32244 (LIQUIDWEB) (LIQUIDWEB)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
26	4

18 69.167.154.48 (United States) 2 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host.zdcompany.com

pathwaystowellnessmn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pathwaystowellnessmn.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	pathwaystowellnessmn.org 2 redirects pathwaystowellnessmn.org www.pathwaystowellnessmn.org	826 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	379 KB
4	google.com www.google.com — Cisco Umbrella Rank: 2	42 KB
26	3

	Domain	Requested by
17	www.pathwaystowellnessmn.org	1 redirects www.pathwaystowellnessmn.org
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.com	www.pathwaystowellnessmn.org www.gstatic.com www.google.com
2	fonts.gstatic.com	www.google.com
1	pathwaystowellnessmn.org	1 redirects
26	5

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
pathwaystowellnessmn.org R3	`2022-11-29` - `2023-02-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.pathwaystowellnessmn.org/
Frame ID: 4899C79977A8F50B353BB014FABCA79B
Requests: 18 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K&co=aHR0cHM6Ly93d3cucGF0aHdheXN0b3dlbGxuZXNzbW4ub3JnOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=ns9nv4m4fibc
Frame ID: 5F18EF5987AA26F21E17A4CE9E89B9C4
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pathways To Wellness - Ely, Babbitt & Tower MN

Page URL History Show full URLs

http://pathwaystowellnessmn.org/ HTTP 301
http://www.pathwaystowellnessmn.org/ HTTP 301
https://www.pathwaystowellnessmn.org/ Page URL

Detected technologies

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+class="[^"]*(?:uk-container|uk-section)
uikit.*\.js

Element UI (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<(?:div|button) class="el-(?:table-column|table-filter|popper|pagination|pager|select-group|form|form-item|color-predefine|color-hue-slider|color-svpanel|color-alpha-slider|color-dropdown|color-picker|badge|tree|tree-node|select|message|dialog|checkbox|checkbox-button|checkbox-group|container|steps|carousel|menu|menu-item|submenu|menu-item-group|button|button-group|card|table|select-dropdown|row|tabs|notification|radio|progress|progress-bar|tag|popover|tooltip|cascader|cascader-menus|cascader-menu|time-spinner|spinner|spinner-inner|transfer|transfer-panel|rate|slider|dropdown|dropdown-menu|textarea|input|input-group|popup-parent|radio-group|main|breadcrumb|time-range-picker|date-range-picker|year-table|date-editor|range-editor|time-spinner|date-picker|time-panel|date-table|month-table|picker-panel|collapse|collapse-item|alert|select-dropdown|select-dropdown__empty|select-dropdown__wrap|select-dropdown__list|scrollbar|switch|carousel|upload|upload-dragger|upload-list|upload-cover|aside|input-number|header|message-box|footer|radio-button|step|autocomplete|autocomplete-suggestion|loading-parent|loading-mask|loading-spinner|)

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

26
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

1246 kB
Transfer

1853 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/Pathways-to-Wellness-101997871497722

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://pathwaystowellnessmn.org/ HTTP 301
http://www.pathwaystowellnessmn.org/ HTTP 301
https://www.pathwaystowellnessmn.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.pathwaystowellnessmn.org/
Redirect Chain

http://pathwaystowellnessmn.org/
http://www.pathwaystowellnessmn.org/
https://www.pathwaystowellnessmn.org/

25 KB
25 KB

808ms
550ms

Document
text/html

69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

4ca1078bfa817b92c849f1946d6d17ec1be7b0e088ea376f6c059187a0abcbc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
Date: Wed, 07 Dec 2022 20:19:58 GMT
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Keep-Alive: timeout=2, max=500
Last-Modified: Wed, 07 Dec 2022 20:19:58 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
cross-origin-opener-policy: same-origin
referrer-policy: strict-origin-when-cross-origin
x-frame-options: SAMEORIGIN

Redirect headers

Connection: Keep-Alive
Content-Length: 245
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 07 Dec 2022 20:19:58 GMT
Keep-Alive: timeout=2, max=500
Location: https://www.pathwaystowellnessmn.org/
Server: Apache
X-Content-Type-Options: nosniff

GET
H/1.1 200
OK joomla-alert.min.css
www.pathwaystowellnessmn.org/media/vendor/joomla-custom-elements/css/ 4 KB
1 KB 237ms
131ms Stylesheet
text/css 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/media/vendor/joomla-custom-elements/css/joomla-alert.min.css?0.2.0

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

70afa630568bdfee5b7ce97098eeb038d6a1bb9af0a406dd0682efc9c00a2a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Nov 2022 22:53:04 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 959

GET
H/1.1 200
OK joomla-fontawesome.min.css
www.pathwaystowellnessmn.org/media/system/css/ 74 KB
15 KB 369ms
131ms Stylesheet
text/css 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/media/system/css/joomla-fontawesome.min.css?3.0.14

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

02a36ffc4f34c4c3f27d63ef1ddc5084aa944371e89f87e074debd6c678d42b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Nov 2022 22:53:04 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 15445

GET
H/1.1 200
OK theme.12.css
www.pathwaystowellnessmn.org/templates/yootheme/css/ 413 KB
414 KB 381ms
129ms Stylesheet
text/css 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

e4c8648f4f482e691b83de563cec98a70130e8c22eb4f50520f373a478688595

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Nov 2022 17:52:53 GMT
Server: Apache
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 423343

GET
H/1.1 200
OK core.min.js Show response
www.pathwaystowellnessmn.org/media/system/js/ 7 KB
3 KB 380ms
128ms Script
text/javascript 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/media/system/js/core.min.js?bea7b244e267b04087cedcf531f6fe827a8e101f

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

5103852e410d9e0d00c93a200a4118ab452ab8b864e5f570dd9615cdeb4fdead

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Nov 2022 22:53:04 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 3156

GET
H/1.1 200
OK messages.min.js Show response
www.pathwaystowellnessmn.org/media/system/js/ 5 KB
2 KB 383ms
130ms Script
text/javascript 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/media/system/js/messages.min.js?7425e8d1cb9e4f061d5e30271d6d99b085344117

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

d5d2e5ff36a371736c74fc21effdb456e0fd7ad1d7a93dd44a65e24c03e64b8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pathwaystowellnessmn.org/
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Nov 2022 22:53:04 GMT
Server: Apache
Vary: Accept-encoding
Content-Type: text/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 1704

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
996 B 88ms
35ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e5d39f1ba6d304006841c9cbf4e2110a0530b5ed19d58fb398086c2c13594626

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:19:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 583
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 20:19:59 GMT

GET
H/1.1 200
OK uikit.min.js Show response
www.pathwaystowellnessmn.org/templates/yootheme/vendor/assets/uikit/dist/js/ 133 KB
133 KB 385ms
129ms Script
application/javascript 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/vendor/assets/uikit/dist/js/uikit.min.js?3.0.14

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

8a596c18ec6c76961f063d840561d54c2c0d1239bb1f435ca385b7a9365f0a98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Nov 2022 17:52:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 135975

GET
H/1.1 200
OK uikit-icons-design-escapes.min.js Show response
www.pathwaystowellnessmn.org/templates/yootheme/vendor/assets/uikit/dist/js/ 66 KB
66 KB 387ms
130ms Script
application/javascript 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/vendor/assets/uikit/dist/js/uikit-icons-design-escapes.min.js?3.0.14

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

3c023dee65aa153b5acb932d0f2455dfd3591f6dc2eafe37aeaf08c687e2c511

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Nov 2022 17:52:36 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=500
Content-Length: 67555

GET
H/1.1 200
OK theme.js Show response
www.pathwaystowellnessmn.org/templates/yootheme/js/ 3 KB
3 KB 497ms
129ms Script
application/javascript 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/js/theme.js?3.0.14

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

0a789cbffaf4ca57e74c208d9b49809aa18581fa91b5cc7ca822ce1fe5c53e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Nov 2022 17:52:35 GMT
Server: Apache
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=497
Content-Length: 3240

GET
H/1.1 200
OK logo-f2ff8f62.webp
www.pathwaystowellnessmn.org/templates/yootheme/cache/f2/ 7 KB
7 KB 132ms
131ms Image
image/webp 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/cache/f2/logo-f2ff8f62.webp

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

0c6b8ef60d758bc38f91dfe4fe92cdad94cb1b15722a3c891be071d2149e016c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:19:59 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Nov 2022 19:24:24 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 6812

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ 402 KB
162 KB 77ms
23ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pathwaystowellnessmn.org/
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 18:46:11 GMT

GET
H/1.1 200
OK font-91dba941.woff2
www.pathwaystowellnessmn.org/templates/yootheme/fonts/ 10 KB
10 KB 131ms
131ms Font
font/woff2 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/fonts/font-91dba941.woff2

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

ab6553c87e74869318c193b164bf0eba8e17dbab983408a6d8042cbf485b35e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Aug 2022 17:43:21 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 10004

GET
H/1.1 200
OK font-54bd29d3.woff2
www.pathwaystowellnessmn.org/templates/yootheme/fonts/ 10 KB
10 KB 131ms
131ms Font
font/woff2 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/fonts/font-54bd29d3.woff2

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

9ffb7d5a1b114ac98ab222d743f0629a17464e74258163fbe074df800c747bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Aug 2022 17:43:22 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=498
Content-Length: 10364

GET
H/1.1 200
OK font-810329d9.woff2
www.pathwaystowellnessmn.org/templates/yootheme/fonts/ 18 KB
18 KB 132ms
131ms Font
font/woff2 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/fonts/font-810329d9.woff2

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Aug 2022 17:43:22 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 18000

GET
H/1.1 200
OK font-f0229509.woff2
www.pathwaystowellnessmn.org/templates/yootheme/fonts/ 18 KB
19 KB 130ms
130ms Font
font/woff2 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/fonts/font-f0229509.woff2

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pathwaystowellnessmn.org/templates/yootheme/css/theme.12.css?1669657973
Origin: https://www.pathwaystowellnessmn.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 24 Aug 2022 17:43:22 GMT
Server: Apache
Content-Type: font/woff2
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=496
Content-Length: 18860

GET
H/1.1 200
OK header2-025ce942.webp
www.pathwaystowellnessmn.org/templates/yootheme/cache/02/ 91 KB
92 KB 131ms
130ms Image
image/webp 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/cache/02/header2-025ce942.webp

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

42795d2b52448db7e6db9053227a43b7fdddb4a310e25870f5f298d0dad1950f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Nov 2022 19:24:25 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 93486

GET
H/1.1 200
OK logo-2ca9da76.webp
www.pathwaystowellnessmn.org/templates/yootheme/cache/2c/ 5 KB
6 KB 130ms
129ms Image
image/webp 69.167.154.48
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pathwaystowellnessmn.org/templates/yootheme/cache/2c/logo-2ca9da76.webp

Requested by

Host: www.pathwaystowellnessmn.org
URL: https://www.pathwaystowellnessmn.org/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

69.167.154.48 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

host.zdcompany.com

Software

Apache /

Resource Hash

71571a6a7407c7334c971c95f210142e469145c86db9611126fc506d35aba801

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pathwaystowellnessmn.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 20:20:00 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 21 Nov 2022 19:24:24 GMT
Server: Apache
Content-Type: image/webp
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=499
Content-Length: 5616

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 5F18 42 KB
22 KB 44ms
42ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K&co=aHR0cHM6Ly93d3cucGF0aHdheXN0b3dlbGxuZXNzbW4ub3JnOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=ns9nv4m4fibc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bd8e69396062fe173ce0a7d262e62313b820c42fd798debbdb4ffa6a6364495c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jakb0aQJlgVa-_kpiTVQXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pathwaystowellnessmn.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22410
content-security-policy: script-src 'report-sample' 'nonce-jakb0aQJlgVa-_kpiTVQXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 20:20:00 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 5F18 52 KB
24 KB 71ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K&co=aHR0cHM6Ly93d3cucGF0aHdheXN0b3dlbGxuZXNzbW4ub3JnOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=ns9nv4m4fibc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 17:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24262
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 17:37:09 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/ Frame 5F18 402 KB
161 KB 85ms
35ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 164812
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 03:01:59 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 07 Dec 2023 18:46:11 GMT

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 5F18 2 KB
2 KB 21ms
20ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 18:59:47 GMT
x-content-type-options: nosniff
age: 91213
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 13 Dec 2022 18:59:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F18 15 KB
16 KB 74ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 11:55:05 GMT
x-content-type-options: nosniff
age: 462295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 11:55:05 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 5F18 15 KB
15 KB 79ms
26ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 165521
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 5F18 102 B
134 B 32ms
32ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=Km9gKuG06He-isPsP6saG8cn

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K&co=aHR0cHM6Ly93d3cucGF0aHdheXN0b3dlbGxuZXNzbW4ub3JnOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=ns9nv4m4fibc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 20:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 20:20:00 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 5F18 32 KB
18 KB 54ms
54ms XHR
application/json 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5e4c58b26ac2cd66cc9ab1e7bad0979a41677cb19e664eec5048e889aabe29c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LejpaUhAAAAAKjCyqbYNjYpCvYXiYrqHF57YF3K&co=aHR0cHM6Ly93d3cucGF0aHdheXN0b3dlbGxuZXNzbW4ub3JnOjQ0Mw..&hl=de&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&cb=ns9nv4m4fibc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.94 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 07 Dec 2022 20:20:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18759
x-xss-protection: 1; mode=block
expires: Wed, 07 Dec 2022 20:20:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.google.com/recaptcha	1970-01-20 12:19:56	Name: _GRECAPTCHA Value: 09ACJCI2kJXKAehwzIF3Bq07vIOHvGJAN91UigPFrf701_86g2HGVRTKroxUBHBVqyzunt8faphQlr34N-gRwIDeM
			www.pathwaystowellnessmn.org/	1969-12-31 23:59:59	Name: 007712cff84677da3068c29a9040373d Value: e4e8c8914ad153a3a508b81e9a68952c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
pathwaystowellnessmn.org
www.google.com
www.gstatic.com
www.pathwaystowellnessmn.org
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82f::2004
69.167.154.48
02a36ffc4f34c4c3f27d63ef1ddc5084aa944371e89f87e074debd6c678d42b1
0a789cbffaf4ca57e74c208d9b49809aa18581fa91b5cc7ca822ce1fe5c53e79
0c6b8ef60d758bc38f91dfe4fe92cdad94cb1b15722a3c891be071d2149e016c
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
3c023dee65aa153b5acb932d0f2455dfd3591f6dc2eafe37aeaf08c687e2c511
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42795d2b52448db7e6db9053227a43b7fdddb4a310e25870f5f298d0dad1950f
49791a696302b5112cec6f474d4d188ec3da019fab43b744b558c8b5e6644785
4a59bb42cb945084820cd1eb370a22a68fa9451b9e57abb1daada408d2ff64e1
4ca1078bfa817b92c849f1946d6d17ec1be7b0e088ea376f6c059187a0abcbc7
4d77e58db2ca624537becef34dff8d3c24628e41592ac4106e1b5813e0a1d8a0
5103852e410d9e0d00c93a200a4118ab452ab8b864e5f570dd9615cdeb4fdead
5773240cdcd07b20f60e178a5d1bdbec55783aba224236be6a40429d1cf44998
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e4c58b26ac2cd66cc9ab1e7bad0979a41677cb19e664eec5048e889aabe29c7
70afa630568bdfee5b7ce97098eeb038d6a1bb9af0a406dd0682efc9c00a2a29
71571a6a7407c7334c971c95f210142e469145c86db9611126fc506d35aba801
8a596c18ec6c76961f063d840561d54c2c0d1239bb1f435ca385b7a9365f0a98
9ffb7d5a1b114ac98ab222d743f0629a17464e74258163fbe074df800c747bc3
ab6553c87e74869318c193b164bf0eba8e17dbab983408a6d8042cbf485b35e4
bd8e69396062fe173ce0a7d262e62313b820c42fd798debbdb4ffa6a6364495c
d5d2e5ff36a371736c74fc21effdb456e0fd7ad1d7a93dd44a65e24c03e64b8b
e4c8648f4f482e691b83de563cec98a70130e8c22eb4f50520f373a478688595
e5d39f1ba6d304006841c9cbf4e2110a0530b5ed19d58fb398086c2c13594626
fcecb97c12786d7a9387a81e74e4179790fd84425c9c75be1aec3aed645bf6e2

www.pathwaystowellnessmn.org Open in urlscan Pro 69.167.154.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

26 Requests

100 %HTTPS

75 %IPv6

3 Domains

5 Subdomains

4 IPs

2 Countries

1246 kBTransfer

1853 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

2 Cookies

Security Headers

www.pathwaystowellnessmn.org Open in urlscan Pro
69.167.154.48 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

100 %
HTTPS

75 %
IPv6

3
Domains

5
Subdomains

4
IPs

2
Countries

1246 kB
Transfer

1853 kB
Size

2
Cookies

26 HTTP transactions
0 data transactions