Submitted URL: http://sosexyunwrapped.itworks.com/
Effective URL: https://itworks.com/
Submission: On November 29 via api from US — Scanned from DE

Summary

This website contacted 23 IPs in 3 countries across 18 domains to perform 261 HTTP transactions. The main IP is 2606:4700::6812:1183, located in United States and belongs to CLOUDFLARENET, US. The main domain is itworks.com. The Cisco Umbrella rank of the primary domain is 708605.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 6th 2024. Valid for: 10 months.
This is the only time itworks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 68 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a04:4e42:200... 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
9 2001:4860:480... 15169 (GOOGLE)
8 151.101.66.217 54113 (FASTLY)
39 2606:4700::68... 13335 (CLOUDFLAR...)
4 52.206.112.129 14618 (AMAZON-AES)
2 2606:4700::68... 13335 (CLOUDFLAR...)
2 3.33.235.18 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 34.107.203.234 396982 (GOOGLE-CL...)
56 2a04:4e42:200... 54113 (FASTLY)
18 2a04:4e42:400... 54113 (FASTLY)
8 2600:9000:211... 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
261 23
Apex Domain
Subdomains
Transfer
107 itworks.com
sosexyunwrapped.itworks.com
services.itworks.com
cmsproxy.itworks.com
itworks.com — Cisco Umbrella Rank: 708605
2 MB
56 kc-usercontent.com
assets-us-01.kc-usercontent.com — Cisco Umbrella Rank: 57031
1 MB
26 wistia.com
fast.wistia.com — Cisco Umbrella Rank: 4773
embed-ssl.wistia.com — Cisco Umbrella Rank: 9290
embed-cloudfront.wistia.com Failed
1 MB
14 launchdarkly.com
app.launchdarkly.com — Cisco Umbrella Rank: 696
events.launchdarkly.com — Cisco Umbrella Rank: 877
clientstream.launchdarkly.com — Cisco Umbrella Rank: 939
7 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
region1.google-analytics.com — Cisco Umbrella Rank: 3353
21 KB
4 gstatic.com
fonts.gstatic.com
63 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
229 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 466
80 KB
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 135
td.doubleclick.net — Cisco Umbrella Rank: 182
635 B
2 luckyorange.com
settings.luckyorange.com — Cisco Umbrella Rank: 13415
239 B
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4108
2 myitworks.com
static.myitworks.com
1 KB
2 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 617
7 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 847
29 KB
1 sentry-cdn.com
js.sentry-cdn.com — Cisco Umbrella Rank: 5415
2 KB
1 cloudfront.net
d20519brkbo4nz.cloudfront.net
5 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 10745
63 B
0 litix.io Failed
fg8vvsvnieiv3ej16jby.litix.io Failed
261 18
Domain Requested by
58 sosexyunwrapped.itworks.com 1 redirects sosexyunwrapped.itworks.com
static.cloudflareinsights.com
56 assets-us-01.kc-usercontent.com
30 cmsproxy.itworks.com sosexyunwrapped.itworks.com
18 fast.wistia.com sosexyunwrapped.itworks.com
fast.wistia.com
10 itworks.com sosexyunwrapped.itworks.com
itworks.com
9 services.itworks.com sosexyunwrapped.itworks.com
itworks.com
8 embed-ssl.wistia.com
8 app.launchdarkly.com sosexyunwrapped.itworks.com
itworks.com
7 region1.google-analytics.com www.googletagmanager.com
sosexyunwrapped.itworks.com
itworks.com
4 events.launchdarkly.com sosexyunwrapped.itworks.com
itworks.com
4 fonts.gstatic.com sosexyunwrapped.itworks.com
itworks.com
4 www.googletagmanager.com sosexyunwrapped.itworks.com
www.googletagmanager.com
itworks.com
4 maps.googleapis.com sosexyunwrapped.itworks.com
maps.googleapis.com
itworks.com
2 settings.luckyorange.com sosexyunwrapped.itworks.com
2 stats.g.doubleclick.net www.googletagmanager.com
2 region1.analytics.google.com sosexyunwrapped.itworks.com
itworks.com
2 clientstream.launchdarkly.com
2 static.myitworks.com
2 static.cloudflareinsights.com sosexyunwrapped.itworks.com
itworks.com
2 www.google-analytics.com sosexyunwrapped.itworks.com
itworks.com
2 code.jquery.com sosexyunwrapped.itworks.com
itworks.com
1 js.sentry-cdn.com fast.wistia.com
1 d20519brkbo4nz.cloudfront.net sosexyunwrapped.itworks.com
1 www.google.de
1 td.doubleclick.net www.googletagmanager.com
0 embed-cloudfront.wistia.com Failed sosexyunwrapped.itworks.com
0 fg8vvsvnieiv3ej16jby.litix.io Failed sosexyunwrapped.itworks.com
fast.wistia.com
261 27

This site contains no links.

Subject Issuer Validity Valid
itworks.com
Cloudflare Inc ECC CA-3
2024-03-06 -
2024-12-31
10 months crt.sh
*.jquery.com
Sectigo ECC Domain Validation Secure Server CA
2024-06-25 -
2025-06-25
a year crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cloudflareinsights.com
WE1
2024-11-01 -
2025-01-30
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
app.launchdarkly.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
events.launchdarkly.com
Amazon ECDSA 256 M03
2024-07-16 -
2025-08-14
a year crt.sh
myitworks.com
WE1
2024-11-24 -
2025-02-22
3 months crt.sh
clientstream.launchdarkly.com
Amazon RSA 2048 M02
2024-07-16 -
2025-08-14
a year crt.sh
*.g.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.doubleclick.net
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.google.de
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
settings.luckyorange.com
R11
2024-10-08 -
2025-01-06
3 months crt.sh
*.kc-usercontent.com
R11
2024-10-14 -
2025-01-12
3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2024 Q1
2024-04-04 -
2025-05-06
a year crt.sh
*.wistia.com
Amazon RSA 2048 M02
2024-01-01 -
2025-01-28
a year crt.sh
*.sentry-cdn.com
GlobalSign Atlas R3 DV TLS CA 2024 Q2
2024-06-04 -
2025-07-06
a year crt.sh

This page contains 3 frames:

Primary Page: https://itworks.com/
Frame ID: 20ABC611740CF807E793EFCBA5FB4839
Requests: 235 HTTP requests in this frame

Frame: https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js
Frame ID: FB77EDA77D8392A537660C78CF6AF857
Requests: 2 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-B9ZCN4XJNP&gacid=1941793914.1732901097&gtm=45je4bk0v890894587za200zb79783485&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1293879709
Frame ID: 68F3A41ACD96D51217DED05756514645
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

It Works!

Page URL History Show full URLs

  1. http://sosexyunwrapped.itworks.com/ HTTP 307
    https://sosexyunwrapped.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js

Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

91 %
HTTPS

82 %
IPv6

18
Domains

27
Subdomains

23
IPs

3
Countries

5253 kB
Transfer

18283 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sosexyunwrapped.itworks.com/ HTTP 307
    https://sosexyunwrapped.itworks.com/ Page URL
  2. https://itworks.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sosexyunwrapped.itworks.com/ HTTP 307
  • https://sosexyunwrapped.itworks.com/
Request Chain 24
  • https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js

261 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
sosexyunwrapped.itworks.com/
Redirect Chain
  • http://sosexyunwrapped.itworks.com/
  • https://sosexyunwrapped.itworks.com/
20 KB
5 KB
Document
General
Full URL
https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ac8ceb901b0a197b5a1520a6424fd0dd3bea8c3098afa231ea1297c172f47e68
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ea44b497e199bf8-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 29 Nov 2024 17:24:56 GMT
last-modified
Wed, 27 Nov 2024 16:04:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block

Redirect headers

Location
https://sosexyunwrapped.itworks.com/
Non-Authoritative-Reason
HttpsUpgrades
jquery-2.2.4.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e4a"
age
2891767
x-cache
MISS, HIT
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0, 130073
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21935-LGA, cache-fra-etou8220135-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732901096.450924,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29811
server
nginx
js
maps.googleapis.com/maps/api/
236 KB
80 KB
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ba1f3034314fc03471d0d8f5de3b007f3df2ed2c3f5184051f96457f7b97e3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
96bf4df9
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81599
date
Fri, 29 Nov 2024 17:24:56 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
313 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f289714d4bdfd52c75f977e580f409faa1fd9fe6bf7fc3aa503145683fb7e607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 29 Nov 2024 17:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 29 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97234
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
age
6077
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:43:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 15:43:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
runtime.d3b51e990239ac77.js
sosexyunwrapped.itworks.com/portal/
3 KB
2 KB
Script
General
Full URL
https://sosexyunwrapped.itworks.com/portal/runtime.d3b51e990239ac77.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8af9459dd55f42f8d1b9b3e2cbe8619fbf57438767964def87db29cb45678b7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"dd9-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:57 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4d190c9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
polyfills.4eabdd1b793ab22a.js
sosexyunwrapped.itworks.com/portal/
69 KB
25 KB
Script
General
Full URL
https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"11535-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:56 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4d190e9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
scripts.7f0b88fdce9e9506.js
sosexyunwrapped.itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://sosexyunwrapped.itworks.com/portal/scripts.7f0b88fdce9e9506.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1ea78-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:57 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4dd9a79bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
main.05051b540671ea5a.js
sosexyunwrapped.itworks.com/portal/
3 MB
779 KB
Script
General
Full URL
https://sosexyunwrapped.itworks.com/portal/main.05051b540671ea5a.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4b43152bd44f0a43a0bf096c07e5788dda034c30f66def71647973397f7a84d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"30b9c4-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:57 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4d19109bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
7 KB
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ea44b4dfd8dd292-FRA
access-control-allow-origin
*
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
js
www.googletagmanager.com/gtag/
416 KB
133 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62a44d5dcb2c1b564996db0daa9d3ca7cca3d4c7c373ed98fa8269835e6f8641
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 17:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136186
x-xss-protection
0
server
Google Tag Manager
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
44 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Fri, 29 Nov 2024 17:24:56 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
styles.d19a2841d4f74e4b.css
sosexyunwrapped.itworks.com/portal/
1 MB
170 KB
Stylesheet
General
Full URL
https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ccd3193007afb621d7d338f9ddae0b8fef582cf8f5b5c58a7bc88a809622c752
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10f046-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:57 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4dd9a89bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

age
109818
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 10:54:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 10:54:38 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587z879783485za200zb79783485&_p=1732901096432&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=849
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587z879783485za200zb79783485&_p=1732901096432&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=2&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=user_login_status&ep.login_status=Logged%20Out&_et=1&tfd=857
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
text/plain
server
Golfe2
styles.d19a2841d4f74e4b.css
sosexyunwrapped.itworks.com/portal/
1 MB
0
Stylesheet
General
Full URL
https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ccd3193007afb621d7d338f9ddae0b8fef582cf8f5b5c58a7bc88a809622c752
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10f046-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:24:57 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:57 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b4dd9a89bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 29 Nov 2024 17:24:58 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
2
x-served-by
cache-fra-etou8220020-FRA
x-timer
S1732901098.326247,VS0,VE0
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 29 Nov 2024 17:24:58 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-fra-etou8220020-FRA
x-timer
S1732901098.326222,VS0,VE0
level
sosexyunwrapped.itworks.com/api/log/
20 B
216 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log/level
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cf-cache-status
DYNAMIC
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
access-control-allow-credentials
true
cf-ray
8ea44b583b809bf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-powered-by
Express
server
cloudflare
countries
services.itworks.com/countries/v1/
3 KB
949 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
e0dc0a31c8479ccdfad31f743212b42e
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 21:24:58 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:58 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
50eff14d-c5b9-4936-9ccd-a99a8e7748ea
last-modified
Fri, 29 Nov 2024 17:24:58 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b588a14d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
sosexyunwrapped.itworks.com/ajax/
1 KB
987 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/ajax/bag
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed99a52835c699e332389b40595117350c7f12540883dfca237d5d8dfe3a215b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8ea44b583b839bf8-FRA
expires
Thu, 28 Nov 2024 17:24:58 GMT,0
x-iwgtime
11/29/2024 11:24:59 AM
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
179 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
application/json
x-served-by
cache-fra-etou8220020-FRA
x-cache-hits
1
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1732901098.333217,VS0,VE2
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
43 KB
6 KB
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b3b444223e2a69996578ff4da4b3411f8923ac8b05fa70ced990fee22a05aa6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://sosexyunwrapped.itworks.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"576dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
HIT
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
application/json
vary
Authorization, Accept-Encoding
x-served-by
cache-fra-eddf8230091-FRA, cache-fra-etou8220020-FRA
x-cache-hits
1
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
x-timer
S1732901098.333603,VS0,VE3
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6021
main.js
sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/ Frame FB77
Redirect Chain
  • https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
9 KB
4 KB
Script
General
Full URL
https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
Protocol
H3
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9abef7b8e2c439b56e2f20270974622f04b9041d7b393560174de09a4257f5fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
content-encoding
gzip
x-content-type-options
nosniff
cf-ray
8ea44b587ba39bf8-FRA
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/b/scripts/jsd/a6e12e96a2d5/main.js?
cf-ray
8ea44b584b8c9bf8-FRA
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:24:58 GMT
vary
Accept-Encoding
server
cloudflare
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
358 B
XHR
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.206.112.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-112-129.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Content-Type
application/json

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
access-control-expose-headers
Date
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
content-length
0
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
application/json
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.206.112.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-112-129.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 29 Nov 2024 17:24:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587za200zb79783485&_p=1732901096432&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=3&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=4&tfd=2464
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/plain
server
Golfe2
rum
sosexyunwrapped.itworks.com/cdn-cgi/
0
150 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/cdn-cgi/rum?
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://sosexyunwrapped.itworks.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ea44b587ba29bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
date
Fri, 29 Nov 2024 17:24:58 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
1 KB
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

Content-Encoding
gzip
CF-Cache-Status
HIT
etag
W/"28dcb8f1704cd91:0"
Age
1054
Expires
Fri, 29 Nov 2024 21:24:58 GMT
Date
Fri, 29 Nov 2024 17:24:58 GMT
Content-Type
image/svg+xml
last-modified
Wed, 01 Mar 2023 19:06:35 GMT
Vary
Accept-Encoding
access-control-allow-headers
Content-Type,Authorization
Transfer-Encoding
chunked
Cache-Control
public, max-age=14400
Connection
keep-alive
CF-RAY
8ea44b58af0f3655-FRA
access-control-allow-origin
*
Server
cloudflare
8ea44b497e199bf8
sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame FB77
0
664 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/h/b/jsd/r/8ea44b497e199bf8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/json
Referer

Response headers

cf-ray
8ea44b58cbe39bf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b58dbe99bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:24:58 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
43 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.235.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587z879783485za200zb79783485&_p=1732901096432&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=4&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=2.46&_et=1604&tfd=2705
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587za200zb79783485&_p=1732901096432&_gaz=1&gcs=G111&gcu=1&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&gcut=3&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=5&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=1941793914.1732901097&ep.ga_temp_ecid=7317237&_et=241&tfd=2705
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
563 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=1941793914.1732901097&gtm=45je4bk0v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://sosexyunwrapped.itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:58 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 68F3
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-B9ZCN4XJNP&gacid=1941793914.1732901097&gtm=45je4bk0v890894587za200zb79783485&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&z=1293879709
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://sosexyunwrapped.itworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Nov 2024 17:24:58 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-B9ZCN4XJNP&cid=1941793914.1732901097&gtm=45je4bk0v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=980735772
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Fri, 29 Nov 2024 17:24:58 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
US
services.itworks.com/countries/v1/countrysettings/
709 B
922 B
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
f4ce09e064b2e59cbd34736010914168
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 21:24:59 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
954e005a-05bd-43e6-a7a7-0681a98f31a7
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b5faaecd345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
US
services.itworks.com/countries/v1/countrysettings/
709 B
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings/US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
f4ce09e064b2e59cbd34736010914168
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 21:24:59 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
954e005a-05bd-43e6-a7a7-0681a98f31a7
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b5faaecd345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b60edecd345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
33 KB
7 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d17b6e37d3db4b1f5703a79c122955e0c0a41f9986459507a93a5d42630751fc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
46
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230093-FRA, cache-fra-eddf8230101-FRA
x-cache-hits
0, 2
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753848.701282,VS0,VE768
referrer-policy
no-referrer
cf-ray
8ea44b612eabd345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6704
server
cloudflare
sosexyunwrapped
services.itworks.com/customer/v1/profiles/
0
454 B
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/sosexyunwrapped
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
63dc8c47209f4591e601f505c401bea5
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 17:25:30 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
xpassedheaderkey
S:
messageid
334ef9eb-2851-4e77-a8e8-1c011dae5782
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b616f43d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b616f4ad345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230089-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b616f4ed345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b616f50d345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230030-FRA
shipping_method_static_content
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
28 KB
7 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/shipping_method_static_content?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acc7bdc9dc2f60d65ca2dd0850885287b39fbf4c37ac3f3368640a8580b8f7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
54
content-type
application/json; charset=utf-8
x-served-by
cache-bma1671-BMA, cache-bma1646-BMA
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732653242.154447,VS0,VE460
referrer-policy
no-referrer
cf-ray
8ea44b619829d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
6252
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
71 KB
12 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=en-US&limit=1
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686472c4e28141b1b8b4433c5b529cb74fc99219396897f6daafed92b4b50378
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
45
content-type
application/json; charset=utf-8
x-served-by
cache-vie6331-VIE, cache-vie6336-VIE
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732757682.368276,VS0,VE468
referrer-policy
no-referrer
cf-ray
8ea44b619804d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
12324
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
4 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=en-US&limit=1
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230041-FRA, cache-fra-eddf8230053-FRA
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753849.856039,VS0,VE101
referrer-policy
no-referrer
cf-ray
8ea44b61a846d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1588
server
cloudflare
lo.js
d20519brkbo4nz.cloudfront.net/core/
13 KB
5 KB
Script
General
Full URL
https://d20519brkbo4nz.cloudfront.net/core/lo.js?site-id=b5b84745
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/main.05051b540671ea5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:8200:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
etag
"2e76f2975071a8eb95d665a06b06cae4"
age
2776
x-cache
Hit from cloudfront
x-amz-cf-id
_Pm5DuCdOn0eGBFbapqdP0Ddj11JQ3V0ZA1f7jsw3Z3BWZ_d0vOLSg==
date
Fri, 29 Nov 2024 16:38:43 GMT
content-type
text/javascript
vary
accept-encoding
last-modified
Wed, 06 Nov 2024 20:50:22 GMT
cache-control
max-age=3600
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
4678
x-amz-cf-pop
FRA6-C1
server
AmazonS3
x-amz-server-side-encryption
AES256
b5b84745
settings.luckyorange.com/
149 B
239 B
Fetch
General
Full URL
https://settings.luckyorange.com/b5b84745
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a

Request headers

x-lucky-uid
undefined
Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
x-lucky-referrer

Response headers

access-control-allow-credentials
true
via
1.1 google
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
149
date
Fri, 29 Nov 2024 17:24:59 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
b5b84745
settings.luckyorange.com/ Frame
0
0
Preflight
General
Full URL
https://settings.luckyorange.com/b5b84745
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
234.203.107.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods
POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
https://sosexyunwrapped.itworks.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 29 Nov 2024 17:24:59 GMT
via
1.1 google
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62294bd345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230089-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62294dd345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62294ed345-FRA
date
Fri, 29 Nov 2024 17:24:59 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230030-FRA
header_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
165 KB
31 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/header_v2?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40de9dce6925143754290df4d2ce2c30aede203a6d444ba50bdd2c5d6c61a438
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
125
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230147-FRA, cache-fra-eddf8230079-FRA
x-cache-hits
0, 2
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753849.454335,VS0,VE422
referrer-policy
no-referrer
cf-ray
8ea44b6249a3d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
31397
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
424 KB
109 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=en-US&limit=1
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6efd263e86a0fad177ebe779681067bf4a9d8606cb543e3e71e23af9be8e7bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
325
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230035-FRA, cache-fra-eddf8230029-FRA
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753849.451351,VS0,VE450
referrer-policy
no-referrer
cf-ray
8ea44b62499ed345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
111285
server
cloudflare
footer_v2
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
66 KB
11 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/footer_v2?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92d5d83378e4f715a5a194afb2de4799954b0e0225164fa6144c5f1302a26595
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:29:59 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:59 GMT
x-request-charge
42
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220154-FRA, cache-fra-eddf8230027-FRA
x-cache-hits
0, 3
last-modified
Fri, 29 Nov 2024 17:24:59 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732002585.477742,VS0,VE399
referrer-policy
no-referrer
cf-ray
8ea44b6249a7d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
10580
server
cloudflare
ico-close-small-white.svg
sosexyunwrapped.itworks.com/portal/
383 B
619 B
Image
General
Full URL
https://sosexyunwrapped.itworks.com/portal/ico-close-small-white.svg
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"17f-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b622b3b9bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

age
162226
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 27 Nov 2025 20:21:13 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 27 Nov 2024 20:21:13 GMT
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8000
x-xss-protection
0
server
sffe
details
services.itworks.com/customer/v1/profiles/sosexyunwrapped/
0
453 B
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/sosexyunwrapped/details
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
0079e7172ba835025bd7b23ae059a10a
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 17:25:30 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
xpassedheaderkey
S:
messageid
51264879-1499-47a1-9bae-93f158aedd65
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b628a44d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
sosexyunwrapped.itworks.com/ajax/
1 KB
986 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/ajax/bag
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
no-store,no-cache,no-cache, no-store, must-revalidate
content-encoding
gzip
cf-cache-status
DYNAMIC
pragma
no-cache,no-cache
cf-ray
8ea44b62ab989bf8-FRA
expires
Thu, 28 Nov 2024 17:25:00 GMT,0
x-iwgtime
11/29/2024 11:25:00 AM
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; Charset=utf-8
server
cloudflare
x-frame-options
SAMEORIGIN
countrysettings
services.itworks.com/countries/v1/
11 KB
2 KB
XHR
General
Full URL
https://services.itworks.com/countries/v1/countrysettings
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
a29185a91fb549d005d352e26574a47e
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 21:25:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
5f1e9578-8a4d-4c00-a278-a846e5753cc2
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b62aab4d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62ab9a9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62ab9b9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62ab9e9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62ab9f9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62aba09bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62aba19bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bba39bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bba89bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bba99bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbab9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbae9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbb09bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbb29bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbb49bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbb69bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbb79bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbba9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbbb9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbbe9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbbf9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62bbc29bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
It%20Works%21%20Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/
6 KB
6 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/00b19595-5197-4d3a-98b5-bf7ae1d9bf70/It%20Works%21%20Logo.svg?h=25&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
541d5c9825bd44636e773090fc882bb69d8d978c99b5e1ddf62f30538774755a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DCE13612E784DA
x-timer
S1732901100.000829,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
6005
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Mon, 30 Sep 2024 09:55:54 GMT
x-served-by
cache-iad-kiad7000122-IAD, cache-fra-etou8220087-FRA
x-cache-hits
9, 0
Daily_Routine_WEB_2000x2000.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3d0696ae-a774-4198-a483-411348631671/Daily_Routine_WEB_2000x2000.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a12d20090da3b4b1b0eb020379148e317323e1fea3087723d4186c54d22e5946

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=767146 idim=2000x2000 ifmt=jpeg ofsz=3610 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"EHFptWvevg/7gDBdULgzNx8gcObg45WaVVgAuIhnVGs"
x-timer
S1732901100.000867,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3610
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200105-IAD, cache-fra-etou8220087-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/
18 KB
18 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/70af87cc-cf2b-4514-92d3-b83ca36f21b8/Listing%20Image-Slimming%20Trio%20Essentials%20System.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d34d2bfeea83103cd26afcf72edefdd91bd710234af44374edc3506b148ae40c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=491364 idim=1080x1080 ifmt=png ofsz=18276 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"hNyQARwXrw5DMuNnmhYuMkQASzKZSGoBhbXpKfbiG4o"
x-timer
S1732901100.000467,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18276
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220087-FRA
x-cache-hits
12, 0
Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/
17 KB
17 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c777ac87-d994-4188-8cef-0fb32fc4b495/Listing%20Image-Slimming%20Trio%20Essentials%20System%20-%20Caffeine%20Free.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5aead7887510db7045f3374e5c70a88f9ebf8eeca74235435ec0cb2fdb1c2f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=422817 idim=1080x1080 ifmt=png ofsz=17420 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"94H+b0/xmLnGmRTrA+lBiGvs6oSjgq8dxy1xChr8ZgM"
x-timer
S1732901100.000400,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17420
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img07-us-east4
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200085-IAD, cache-fra-etou8220087-FRA
x-cache-hits
40, 0
SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/
18 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a1d564f3-6d08-41a6-824b-dad36b36406a/SlimmingDeluxeSystem-SKU41702-listing-image1080x1080-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
371734ccf792a68daff9693f3f46354567058c36ff02354a849237a43c1187b8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=748668 idim=1080x1080 ifmt=png ofsz=18850 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"zJq4RwfoZcWNVb6smCq/S2UDlO2pZ/0GZiYAU9G2iww"
x-timer
S1732901100.000142,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18850
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100126-IAD, cache-fra-etou8220087-FRA
x-cache-hits
13, 0
FLAT_FLAT1027_US_900px.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/
4 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eeef4f00-58f6-4e93-a116-02eea1af0ecc/FLAT_FLAT1027_US_900px.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
027d5dde165217da2bb31aa5878ebc0b962d49096b31ab956f4c3d0af2a0dd98

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=116993 idim=900x900 ifmt=jpeg ofsz=4402 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"Ordn/fJPemS2uS8kjEL2JhxdEkPkSpwZqU3bPW2hI1E"
x-timer
S1732901100.000229,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4402
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200138-IAD, cache-fra-etou8220087-FRA
x-cache-hits
14, 0
Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/
20 KB
20 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/baf65e9f-123d-4303-9741-5bf44826c6ae/Healthy%20Gut%20Essentials%20System%20Listing_US%20%281%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d92dbd1300eef39f0b27ca0e2a01087a64e3d84384a9196425fce5713cea7921

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=735680 idim=1080x1080 ifmt=png ofsz=20632 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"05yNz5HgXL6bOgCv6BhV1uWL3NyHiHD1zEhqMa5X2Y8"
x-timer
S1732901100.026902,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
20632
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200054-IAD, cache-fra-etou8220087-FRA
x-cache-hits
13, 0
Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/
18 KB
18 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4d6147a3-8b88-4f38-8720-afddf97952e4/Healthy%20Gut%20Deluxe%20System%20Listing_US%20%283%29.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b9a8a9616e00c029d5725cc5dd0c49d15497f03efd13e7489864d61a85ac2a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=647231 idim=1080x1080 ifmt=png ofsz=18164 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"wCjiigwKIFqu44d4wZ6lvkkYe5lke/ihqT94TKaMDq4"
x-timer
S1732901100.027148,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18164
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100080-IAD, cache-fra-etou8220087-FRA
x-cache-hits
13, 0
listing%20image-Morning%20Trio-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/
19 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/95e2b755-e710-4622-bdd5-0b545639977a/listing%20image-Morning%20Trio-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5520e06b9dfd27b6470edd04bf2c378852a9954e2b3bd7ce0368675946a7c82e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=588781 idim=1080x1080 ifmt=png ofsz=19724 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"T3DiB0ISd+pu96omkJkY0sM9wqPoVYR7qUoPtbLTyIc"
x-timer
S1732901100.027450,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19724
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img03-us-east4
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000176-IAD, cache-fra-etou8220087-FRA
x-cache-hits
14, 0
mega-menu-greens-multi-us.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/
8 KB
8 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/afcdf691-4db5-427e-a72d-796eda2dfb38/mega-menu-greens-multi-us.jpg?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dfd4a1547459f6dc1c2990a4ca2b5414ca38bd4404f2c1da8558031c237ba156

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1211862 idim=1080x1080 ifmt=jpeg ofsz=8122 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"wK4XJlVTauZoKPX7MndUcsqpTld0eM/59zEUrIbL1Gk"
x-timer
S1732901100.027635,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
8122
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000035-IAD, cache-fra-etou8220087-FRA
x-cache-hits
14, 0
listing%20image-collagen%20ultra-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/
16 KB
16 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b4cb8457-040f-4dcd-a550-c133f4450e73/listing%20image-collagen%20ultra-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
893943a40dc646ad4f2582ed5012a0dbc63be6f2f2ad6986ad3693690cd20992

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=637698 idim=1080x1080 ifmt=png ofsz=16472 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7njnFBmymNr8aYF5J9ptVil/o/OdhGLDBTnWyYS3Uc8"
x-timer
S1732901100.028076,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
16472
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200073-IAD, cache-fra-etou8220087-FRA
x-cache-hits
13, 0
37701VALUE-Skinny%20Hydrate-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/
36 KB
37 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bede3f8e-a4d7-4f81-ba07-484114220dfa/37701VALUE-Skinny%20Hydrate-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f6093b16472adce538b1ed39291e9fa93f528611e14e4ce17540548376b8a3c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1487113 idim=1081x1081 ifmt=png ofsz=37334 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"DkBtoopRVLU08oyiy2mmaYd3VVJ9Fd5JBPrRqQebQQc"
x-timer
S1732901100.027940,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
37334
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
img01-us-east4
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-etou8220087-FRA
x-cache-hits
7, 0
37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/
26 KB
26 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/eba43fff-ac46-4563-a3ee-51126393b6a3/37101TFVALUE-Superfood-Smoothie-Tropical-Fruit-1080x1080-min.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ae355ec264fc32deecb1bc5ab9863d755b9a4dbdd71cd687aedcfc130f067291

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=322619 idim=1081x1081 ifmt=png ofsz=26212 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"msKolWHPOL2/Z75HvTTescyJRP1cyC3ZxxC5FSC1wwk"
x-timer
S1732901100.027664,VS0,VE9
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
26212
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010217
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100172-IAD, cache-fra-etou8220087-FRA
x-cache-hits
7, 0
FIRM-0839-US-X2%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3db6da37-e6e2-4bcb-be85-6ce517bee550/FIRM-0839-US-X2%201.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
16947687beb9dc990fd780f4144efdb292d9474c1f74497aa9a917f03d93f026

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1117129 idim=900x900 ifmt=png ofsz=4130 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7D2y4blKqR8cDJGCXoI89NoR08KZMfbOMvjSOu4yO9c"
x-timer
S1732901100.028710,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4130
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200021-IAD, cache-fra-etou8220087-FRA
x-cache-hits
14, 0
Image%201%20Listing%20Image%20US%20Body%20Trio.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/
17 KB
17 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9f3f2ff9-d3d2-4881-a283-eccc750532e2/Image%201%20Listing%20Image%20US%20Body%20Trio.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f85430cdc730c3f6138eaa1d8491508bdaac5417f50a9155a30da65f2bf71603

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=808237 idim=1080x1080 ifmt=png ofsz=17490 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"SjnVJ3V8YIHhA+l2v++3nzX7viPFww4sOHZokmcndY8"
x-timer
S1732901100.028464,VS0,VE4
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17490
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100024-IAD, cache-fra-etou8220087-FRA
x-cache-hits
11, 0
Hair%2BBody%20Set.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/
21 KB
21 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3718ceb9-95c4-4e84-b284-14dbb39e8576/Hair%2BBody%20Set.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0bca1585cfca8f2b441e7182276fb74de04791acb5d5749eaf411663ceacef5a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=568327 idim=1080x1080 ifmt=png ofsz=21332 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"fK7fF/syS74m6g5iTk6X/qdOBSA3S5kMdUvxuj5j9jU"
x-timer
S1732901100.028402,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
21332
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200027-IAD, cache-fra-etou8220087-FRA
x-cache-hits
15, 0
Sugar%20Cookie%20Substance%20Images2%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/
5 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/dcb572d7-41dc-47c1-a42d-2101093705ca/Sugar%20Cookie%20Substance%20Images2%20%281%29.png?w=150&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
349070e7a44a2c6e0cb83d8553f6ff84e2ba63fc95bd4bf6a2c78e8815202c1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1120696 idim=1080x1080 ifmt=png ofsz=5266 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"rkmDltiOGFHSIJTFxfan4XHHzfUeScsAe1dlOF7fNfg"
x-timer
S1732901100.028696,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
5266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010250
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100175-IAD, cache-fra-etou8220087-FRA
x-cache-hits
15, 0
Coffee%20Sampler%20Pack-listing%20images.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/
18 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/580f7c16-4a6a-4562-b14e-017d09460173/Coffee%20Sampler%20Pack-listing%20images.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
52fbeac0ef5949dc15505d9c399e60f7e889fbee6274faa71a9a97e1481e85ed

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=740186 idim=1080x1080 ifmt=png ofsz=18654 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"9+Xf2TcNX50GDBJ+zLDH8phLGslM3vNrw5QrNaovWMU"
x-timer
S1732901100.028934,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
18654
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200061-IAD, cache-fra-etou8220087-FRA
x-cache-hits
14, 0
listing%20image-Morning%20Trio-skinnybrew-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/
19 KB
19 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/305792d2-0bdc-41e6-a48d-a5006482578c/listing%20image-Morning%20Trio-skinnybrew-US.png?w=450&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76e7797c039a87bac86bfd1b7e242a7fe9cca40ef1e122fd577c7c5809a2a8c4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=653820 idim=1080x1080 ifmt=png ofsz=19544 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"7CcZJuH8i1mJecd6UP2IvB121kBnMbaWhhAHiPNQh5o"
x-timer
S1732901100.028867,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19544
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010216
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200029-IAD, cache-fra-etou8220087-FRA
x-cache-hits
13, 0
TFXX-Substance%20Images4.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/
3 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e9441474-4fd9-4c5a-b3ea-26ef37a9315b/TFXX-Substance%20Images4.png?w=150&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
69e067e12d35f19d81236ce13b12dc0212198ec308c943cbfa965917770785d2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=901529 idim=900x900 ifmt=png ofsz=3312 odim=150x150 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"5caQpgzngpqM93OjhZFn0ZSVgQ0yNXObj0AtYo4VQEI"
x-timer
S1732901100.023098,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
3312
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010227
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100086-IAD, cache-fra-etou8220152-FRA
x-cache-hits
14, 0
38601VALUE-Skinny-Proffee-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/
32 KB
33 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/78f9ac4e-7c03-44e2-b6c8-161d877a063e/38601VALUE-Skinny-Proffee-1080x1080.png?w=450&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
13ce14e782b5d1654868ee929c6582d4e323fe777d40137f63436fd04abccdc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1218856 idim=1081x1081 ifmt=png ofsz=33006 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"P1Y6L59K9KUbV6u0qZ4SFqEipFZdil9aWzalvopMcnc"
x-timer
S1732901100.026240,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
33006
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000159-IAD, cache-fra-etou8220152-FRA
x-cache-hits
14, 0
37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/
17 KB
17 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/7a6cd079-09df-4cd2-b9ba-07dc5e04abf2/37501VALUE-Power%20Hydrate-1080x1080%20%281%29-min.png?w=450&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7d3a5c14c1aa5549f33fc18ec25f66b70ca9703a6407464d5a951d9239a17f05

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=271713 idim=1081x1081 ifmt=png ofsz=17076 odim=450x450 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"2M8fg1vVPJZcWzDOO46NvovEx/W9MENMLcBuub9vLgc"
x-timer
S1732901100.026269,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
17076
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010212
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000056-IAD, cache-fra-etou8220152-FRA
x-cache-hits
13, 0
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
29 KB
29 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=500&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95ad3a4e268330737e27ab319b967bd876d34ff11d061b7272060e57f89c21ba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=29346 odim=500x400 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"iVlSEg5aLoFtfkXj6WiTTO1Q+Z/AcRoG/fyyIq7o3No"
x-timer
S1732901100.026311,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
29346
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220152-FRA
x-cache-hits
2, 0
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=500&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
496c6f4130c58605065dc4de7dcfc7954587927810df71251997e10dab1ca636

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=27266 odim=500x402 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"aAtz7OaTUelXDUp5O/nrC2pEQmyMyy/suDP8+76GwEw"
x-timer
S1732901100.026847,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27266
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220152-FRA
x-cache-hits
2, 0
conference-2025-5_4-ratio%20%281%29.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb35ddd8-4aae-42ab-a617-6d79aaa25687/
8 KB
9 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb35ddd8-4aae-42ab-a617-6d79aaa25687/conference-2025-5_4-ratio%20%281%29.jpg?w=450&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1d710c548f888055f380f9fff8aec43d5f2bbf702c9aa12e1e3c35b76dfb5713

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=201672 idim=1000x800 ifmt=jpeg ofsz=8416 odim=450x360 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"iZe6EuntVRuSVkh+QTJ+EOLN8MXyon54kCz6qlEog8I"
x-timer
S1732901100.026844,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
8416
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000150-IAD, cache-fra-etou8220152-FRA
x-cache-hits
842, 0
Gear%20Store%20Nav%20Image%20%281%29%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/
15 KB
15 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3505a99c-67d5-4cf8-bf8d-41ab7f184f09/Gear%20Store%20Nav%20Image%20%281%29%201.jpg?w=450&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d3db141429a250044d131a10847e705de586b775973b22d29dd4c41260e27e17

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=660077 idim=1286x965 ifmt=jpeg ofsz=15280 odim=450x338 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"UOR8koITO1B4VhUIyp9OfNX+gvzgtF29nMgpONeGcAM"
x-timer
S1732901100.027363,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
15280
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010231
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220152-FRA
x-cache-hits
13, 0
primary_shop_now_to_deals
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/primary_shop_now_to_deals?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62fb67d345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230030-FRA
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62fb6bd345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230089-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b62fb6dd345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
untitled_content_item_4fdcd53
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_4fdcd53?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b630b87d345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230089-FRA
gut_essentials_shop_now
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/gut_essentials_shop_now?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b630b89d345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b630b8ad345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230030-FRA
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62dbd89bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62dbdc9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
details
services.itworks.com/customer/v1/profiles/sosexyunwrapped/
0
0
XHR
General
Full URL
https://services.itworks.com/customer/v1/profiles/sosexyunwrapped/details
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
0079e7172ba835025bd7b23ae059a10a
xdebug
S:
access-control-expose-headers
CorrelationId
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 17:25:30 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
xpassedheaderkey
S:
messageid
51264879-1499-47a1-9bae-93f158aedd65
vary
Accept-Encoding
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=30
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b628a44d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
products
services.itworks.com/product/v1/categories/best-sellers/
12 KB
2 KB
XHR
General
Full URL
https://services.itworks.com/product/v1/categories/best-sellers/products?country=US&language=en&customerType=LC&orderType=Shopping
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc9d671ca07085015d0aa4382112952ba9c026209a406752223df07d8a8d3317
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://sosexyunwrapped.itworks.com/

Response headers

correlationid
117745caf81f830c751d2a3640f7b249
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
9b0438e0-ece3-4c0f-a159-d1d55c728caa
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
xcalledservice
S:https://see-inbound-policy.com/
strict-transport-security
max-age=2592000
cache-control
public, s-maxage=300, max-age=30, stale-while-revalidate=15
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b62eb2ad345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
E-v1.js
fast.wistia.com/assets/external/
843 KB
144 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/main.05051b540671ea5a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8bde8c262105b0b4001279d19d0aeab2915799d7869b34e2a07bfe6834aeefe3
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
br
etag
"cfd47b28ccfe165b0a5c5a018a4ea672"
age
3419
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 27 Nov 2024 19:27:31 GMT
x-served-by
cache-iad-kiad7000159-IAD, cache-fra-etou8220026-FRA
x-cache-hits
30, 8
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1732901100.029544,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
146816
asset-version
40669335fc221c473cbbda5170bd8173445157ee
server
AmazonS3
x-amz-server-side-encryption
AES256
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbea9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbeb9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
primary_shop_now_to_deals
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
10 KB
3 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/primary_shop_now_to_deals?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65d903dccf854e3d4773f29d0e3be13bb68af2783af665ae4586a18ad7518ccd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
7
content-type
application/json; charset=utf-8
x-served-by
cache-vie6373-VIE, cache-vie6363-VIE
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732726900.889009,VS0,VE421
referrer-policy
no-referrer
cf-ray
8ea44b632c06d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2548
server
cloudflare
global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
1 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230094-FRA, cache-fra-eddf8230020-FRA
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1731571483.009556,VS0,VE380
referrer-policy
no-referrer
cf-ray
8ea44b632bfdd345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
621
server
cloudflare
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
54 KB
14 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=en-US&limit=1
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f0b991341c5ee865f300b79379c04948cb14436ac1a336092c7f4d036cf98df
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
38
content-type
application/json; charset=utf-8
x-served-by
cache-vie6353-VIE, cache-vie6337-VIE
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732761571.406971,VS0,VE428
referrer-policy
no-referrer
cf-ray
8ea44b632bfbd345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
13984
server
cloudflare
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbee9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbef9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbf09bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbf29bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbf59bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b62fbf69bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
untitled_content_item_4fdcd53
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_4fdcd53?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67a95fff86e458504a10a5445c9e3bea23494aa4fd52561c0ce0988fd951d076
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-ams21041-AMS, cache-ams21070-AMS
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732699025.872292,VS0,VE101
referrer-policy
no-referrer
cf-ray
8ea44b633c13d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
963
server
cloudflare
gut_essentials_shop_now
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/gut_essentials_shop_now?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c4071373971f9806d9244695a40aee5cfd39ba8973e880706c31de371210cd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-etou8220067-FRA, cache-fra-eddf8230083-FRA
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732722965.745386,VS0,VE379
referrer-policy
no-referrer
cf-ray
8ea44b633c0ed345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
940
server
cloudflare
sugar_cookie_shop_now_to_pdp
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/
2 KB
1 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/sugar_cookie_shop_now_to_pdp?depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f3fa7f0fd796bf675f2e7f0aac695f4be1ca0282540a2ccce59fab4da15fce
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
2
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230041-FRA, cache-fra-eddf8230074-FRA
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732592897.924424,VS0,VE99
referrer-policy
no-referrer
cf-ray
8ea44b633c19d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
976
server
cloudflare
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b630bfd9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b630bfe9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
Black%20Friday%20Homepage%20Banner%20Desktop.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36eab53a-d3b8-4a19-94a1-34804e1d1904/
104 KB
104 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36eab53a-d3b8-4a19-94a1-34804e1d1904/Black%20Friday%20Homepage%20Banner%20Desktop.jpg?fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d94efbd74579fca79b44d18fa974a67cc3263d59de33eeeca82fa5bdbd2aef84

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=286531 idim=4096x1676 ifmt=jpeg ofsz=106498 odim=4096x1676 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"fVr6Kmm3Vv1+g57UvvavJog9ZP+G+PpV7djDxFDRVzc"
x-timer
S1732901100.011732,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS, HIT
content-length
106498
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200084-IAD, cache-fra-etou8220087-FRA
x-cache-hits
0, 0
Weight%20Control%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/
25 KB
25 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/39e82b93-eff1-4f8d-ae95-203a9f5b31ab/Weight%20Control%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=5724952 idim=4096x2304 ifmt=jpeg ofsz=25744 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"6139G8ADMhfDfdAHKpSkTmBTibpZznub5xJFiVn5ICo"
x-timer
S1732901100.011083,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
25744
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100089-IAD, cache-fra-etou8220087-FRA
x-cache-hits
32, 1
Featured%20Category-Gut%20Health-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/
42 KB
42 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1ccd3fde-8b3b-4943-9f1f-6a5d4250c744/Featured%20Category-Gut%20Health-US.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1fac3e4ab6275edf62271210d3ac8e2b77c182d5d17e0dcd59d89bc5fdbb6d4b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1321264 idim=1920x1080 ifmt=png ofsz=43016 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KrWkiSW4s2ih5kh66zalOy9cfo/LbL4JMfjeDVOwkQk"
x-timer
S1732901100.011387,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
43016
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000052-IAD, cache-fra-etou8220087-FRA
x-cache-hits
28, 1
Active%20Lifestyle%2016.9%202%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/
39 KB
39 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/05953d3b-3b38-48c4-9768-b920a5361d1c/Active%20Lifestyle%2016.9%202%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=8855564 idim=6953x3911 ifmt=png ofsz=39654 odim=1080x607 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"+cGZuomO2WrYecWhYE03PLPHVNMrGiPaUc9cfjGE+s0"
x-timer
S1732901100.011058,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
39654
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010248
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100117-IAD, cache-fra-etou8220087-FRA
x-cache-hits
31, 1
Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/
19 KB
20 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/842d20c5-a98f-4657-a248-9a2425aab527/Conf24-FIRM-Wrap-Defining%20Gel-1956-US-X2%201%20%281%29.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=259808 idim=992x559 ifmt=png ofsz=19816 odim=992x559 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"G+ugCUaixmYEFWvoSCN7vn0Tvc3/imD3E1yoYshZUqs"
x-timer
S1732901100.010685,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
19816
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200096-IAD, cache-fra-etou8220087-FRA
x-cache-hits
33, 1
Coffee%2016.9.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/
34 KB
35 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/93396919-133c-4bb5-93eb-4649915e3f2d/Coffee%2016.9.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa20aa7e572a72d4b449019d735d93c957572bbf8ddef591336533a76264b7e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1993878 idim=3006x1691 ifmt=png ofsz=35274 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"gzzlCjHW+VBws/UZREJWHSe6vZRNiPtgLsl1FvQgmTM"
x-timer
S1732901100.010618,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
35274
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010215
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000033-IAD, cache-fra-etou8220087-FRA
x-cache-hits
6, 1
Shop%20All%2016.9%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/
29 KB
29 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/5443a1b7-01c6-492b-a84a-6984845411dc/Shop%20All%2016.9%201.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f239ebcaeae914c4ad3dbab07ec5d473da0938162ed714b06aee76fac77c1932

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=948574 idim=1920x1080 ifmt=jpeg ofsz=29516 odim=1080x608 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KhLwwzTjllCAKZLitiVnWPGO5y4lnF3dQ4vP0d3xJH4"
x-timer
S1732901100.010606,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
29516
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010210
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-etou8220087-FRA
x-cache-hits
6, 1
Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/
87 KB
87 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-timer
S1732901100.010601,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
89072
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010246
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000075-IAD, cache-fra-etou8220087-FRA
x-cache-hits
27, 1
Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/
76 KB
76 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-timer
S1732901100.015236,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
77820
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100113-IAD, cache-fra-etou8220087-FRA
x-cache-hits
7, 1
Black%20Friday_US_30%20Day%20Drop%20System_with%20palm.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/50240ca0-06d3-435d-a5e1-431162da4de0/
24 KB
24 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/50240ca0-06d3-435d-a5e1-431162da4de0/Black%20Friday_US_30%20Day%20Drop%20System_with%20palm.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f8432ad7f6da1fea69d56dcf18925971198095ae2d30ffaf8a613645f6c78a7f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=268519 idim=1350x1080 ifmt=jpeg ofsz=24264 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"ijOlMCmzsTKyal7kElPBXMKF3yUJZJkd41kC30o+Vqg"
x-timer
S1732901100.015965,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS, HIT
content-length
24264
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010215
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100100-IAD, cache-fra-etou8220087-FRA
x-cache-hits
0, 0
Black%20Friday_30-Day%20Gut%20Reset%20Essentials%20System_US.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1b00ddd6-bb5a-40dc-8529-e632adc37312/
55 KB
56 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1b00ddd6-bb5a-40dc-8529-e632adc37312/Black%20Friday_30-Day%20Gut%20Reset%20Essentials%20System_US.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3b1c46457ffb85c80d2ea57045d1f46910c75ed7efa6c075fdb4abd623555b37

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=525541 idim=1350x1080 ifmt=jpeg ofsz=56700 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"U+FOH0DgEFnSLtRL2jLwMqULitb5cHulWNLp8KeSGpg"
x-timer
S1732901100.015965,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS, HIT
content-length
56700
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010214
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100102-IAD, cache-fra-etou8220087-FRA
x-cache-hits
0, 0
Black%20Friday_US_Sugar%20Cookie.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/aee0b2f6-9d4f-4b17-ae3b-8e835db06707/
33 KB
33 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/aee0b2f6-9d4f-4b17-ae3b-8e835db06707/Black%20Friday_US_Sugar%20Cookie.jpg?w=1056&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eacb09800283c6960dc661e6700fe37d4f1555376a0a582f8efc2c41faef1a69

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=343045 idim=1350x1080 ifmt=jpeg ofsz=33434 odim=1056x845 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"iUg2YKceu8xQynlbhnPJzfMab6upOjBt/N/edjYUuqc"
x-timer
S1732901100.015727,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
MISS, HIT
content-length
33434
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010216
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100022-IAD, cache-fra-etou8220087-FRA
x-cache-hits
0, 0
tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DBDFDBC0C24953
x-timer
S1732901100.016421,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1160
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Tue, 07 Nov 2023 21:51:52 GMT
x-served-by
cache-iad-kiad7000102-IAD, cache-fra-etou8220087-FRA
x-cache-hits
1528, 1
lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/
1 KB
2 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D007CEFB54
x-timer
S1732901100.015662,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1362
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:01:52 GMT
x-served-by
cache-iad-kcgs7200116-IAD, cache-fra-etou8220087-FRA
x-cache-hits
4, 1
handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/
4 KB
5 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D08D987F23
x-timer
S1732901100.015629,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4560
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:05:37 GMT
x-served-by
cache-iad-kcgs7200117-IAD, cache-fra-etou8220087-FRA
x-cache-hits
24, 1
diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/
4 KB
4 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC28D064DCF562
x-timer
S1732901100.015611,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
4248
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Thu, 08 Feb 2024 18:04:29 GMT
x-served-by
cache-iad-kjyo7100044-IAD, cache-fra-etou8220087-FRA
x-cache-hits
10206, 1
us.svg
sosexyunwrapped.itworks.com/portal/
4 KB
1 KB
Image
General
Full URL
https://sosexyunwrapped.itworks.com/portal/us.svg
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"116d-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b630c069bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
loader.svg
sosexyunwrapped.itworks.com/portal/
829 B
782 B
Image
General
Full URL
https://sosexyunwrapped.itworks.com/portal/loader.svg
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/portal/styles.d19a2841d4f74e4b.css

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"33d-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:00 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b631c0a9bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

age
292439
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 08:11:01 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 08:11:01 GMT
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
7884
x-xss-protection
0
server
sffe
fa-regular-400.woff2
sosexyunwrapped.itworks.com/portal/
0
0

fa-solid-900.woff2
sosexyunwrapped.itworks.com/portal/
0
0

MaterialSymbolsOutlined.woff2
sosexyunwrapped.itworks.com/assets/material-design-icons/
0
0

Inter-roman.var.woff2
sosexyunwrapped.itworks.com/portal/
0
0

icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/
3 KB
3 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg?w=32&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC1030F36A
x-timer
S1732901100.053458,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
2930
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:17 GMT
x-served-by
cache-iad-kjyo7100104-IAD, cache-fra-etou8220152-FRA
x-cache-hits
21, 1
icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/
462 B
744 B
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg?w=32&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC2354D19C
x-timer
S1732901100.053152,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
462
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:14:49 GMT
x-served-by
cache-iad-kcgs7200171-IAD, cache-fra-etou8220152-FRA
x-cache-hits
21, 1
twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/
785 B
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg?w=32&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DC53EA59EEDAB8
x-timer
S1732901100.053661,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
785
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 03 Apr 2024 14:28:37 GMT
x-served-by
cache-iad-kjyo7100051-IAD, cache-fra-etou8220152-FRA
x-cache-hits
21, 1
icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/
1 KB
1 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg?w=32&fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

cache-control
public, immutable, max-age=31536000
etag
0x8DB98FC4AD3F6A5
x-timer
S1732901100.053898,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
1193
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/svg+xml
last-modified
Wed, 09 Aug 2023 17:15:55 GMT
x-served-by
cache-iad-kiad7000116-IAD, cache-fra-etou8220152-FRA
x-cache-hits
21, 1
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b63fcbf9bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b640cc49bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b641cd89bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b641e95d345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230130-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
56 KB
12 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=36405VALUE,38901VALUE,38402VALUE,38701VALUE,30206,35200VALUE,33404VALUE,36801VALUE,32202VALUE,38101&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=en-US
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
51
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230117-FRA, cache-fra-eddf8230098-FRA
x-cache-hits
0, 1
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753851.420846,VS0,VE401
referrer-policy
no-referrer
cf-ray
8ea44b644efbd345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
11918
server
cloudflare
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b642ce99bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b649d499bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
Primary Request /
itworks.com/
19 KB
5 KB
Document
General
Full URL
https://itworks.com/
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/main.05051b540671ea5a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
1bf86f4bb298f2bb0fe125898af89e0f3ac7ec8cf2c53f5edef23a12451a8b73
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sosexyunwrapped.itworks.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=0
cf-cache-status
DYNAMIC
cf-ray
8ea44b64ad569bf8-FRA
content-encoding
gzip
content-security-policy
frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type
text/html; charset=utf-8
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 27 Nov 2024 16:04:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
server-timing
cfCacheStatus;desc="DYNAMIC"
strict-transport-security
max-age=2592000
vary
Origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
Express
x-xss-protection
1; mode=block
skjfu5id0v.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/skjfu5id0v.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
15ee5aa2-0e5c-4113-b8a2-3e6d9cc91f59
content-encoding
br
etag
W/"0b64de7d20f4679091d6429922c6eb50"
age
26895
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
x_xF_6pkM_sD5n7bbm5Ah5R9gU1s30QG5DrPUt_CNQoijKHddnNNyw==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000057-IAD, cache-fra-etou8220149-FRA
x-runtime
0.051826
x-cache-hits
2, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
53
x-timer
S1732901100.315038,VS0,VE2
via
1.1 49f314378e697e1d81814f43e4cc289a.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1717
x-amz-cf-pop
IAD61-P4
server
envoy
wistia-mux.js
fast.wistia.com/assets/external/
132 KB
34 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer

Response headers

content-encoding
br
etag
"b52fc538d5379c9fcf7b105abb1a824a"
age
3410
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 27 Nov 2024 19:27:31 GMT
x-served-by
cache-iad-kcgs7200023-IAD, cache-fra-etou8220149-FRA
x-cache-hits
25, 31
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1732901100.314882,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
33873
asset-version
40669335fc221c473cbbda5170bd8173445157ee
server
AmazonS3
x-amz-server-side-encryption
AES256
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ Frame
0
0
Preflight
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Access-Control-Request-Headers
x-kc-sdkid
Access-Control-Request-Method
GET
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
x-kc-sdkid
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8ea44b64d84bd345-FRA
date
Fri, 29 Nov 2024 17:25:00 GMT
referrer-policy
no-referrer
retry-after
0
server
cloudflare
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-cache
HIT
x-cache-hits
0
x-content-type-options
nosniff
x-frame-options
DENY
x-served-by
cache-fra-eddf8230089-FRA
items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/
3 KB
2 KB
XHR
General
Full URL
https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=en-US&limit=1
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
X-KC-SDKID
npmjs.com;@kontent-ai/delivery-sdk;14.0.1

Response headers

access-control-expose-headers
X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
content-encoding
gzip
cf-cache-status
MISS
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:30:00 GMT
x-stale-content
0
x-cache
MISS, HIT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
x-request-charge
1
content-type
application/json; charset=utf-8
x-served-by
cache-fra-eddf8230094-FRA, cache-fra-eddf8230082-FRA
x-cache-hits
0, 0
last-modified
Fri, 29 Nov 2024 17:25:00 GMT
x-frame-options
DENY
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
cache-control
public, max-age=300
x-timer
S1732753852.275190,VS0,VE386
referrer-policy
no-referrer
cf-ray
8ea44b64f8b2d345-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
1091
server
cloudflare
36405-SKNY-Gummies-1080x1080px-US.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/
36 KB
36 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4c07a6f7-6947-4742-ad5f-1850bc75434f/36405-SKNY-Gummies-1080x1080px-US.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=383385 idim=1080x1080 ifmt=png ofsz=36666 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"KCye4rcIFemAeC6UoRS5frHbsz2ad4jbrT2CjzX1lY8"
x-timer
S1732901100.295047,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
36666
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010213
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200072-IAD, cache-fra-etou8220152-FRA
x-cache-hits
28, 1
BRN%2B_1080x1080_listing%20image.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/
31 KB
32 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/df6d7303-f6bc-43fa-a53a-f375a15c0aa4/BRN%2B_1080x1080_listing%20image.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=298814 idim=1080x1080 ifmt=png ofsz=32210 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"pm9Ew3IrpKmN5s7I6LSwyGLuXSuCUg9B5quun4EFFX8"
x-timer
S1732901100.295579,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
32210
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010251
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100073-IAD, cache-fra-etou8220152-FRA
x-cache-hits
97, 1
Listing%20image-slmr-us.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0e3aa0e0-1bb3-4513-9227-40cbfa288489/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0e3aa0e0-1bb3-4513-9227-40cbfa288489/Listing%20image-slmr-us.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=608900 idim=1080x1080 ifmt=png ofsz=27712 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"BkZttDL0klZCzzPkSfOxoN6iQS9f1ns0Z5Fm49MWKuE"
x-timer
S1732901100.295570,VS0,VE1
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27712
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010211
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200108-IAD, cache-fra-etou8220152-FRA
x-cache-hits
28, 1
Listing%20Image-FLAT.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/
27 KB
27 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9c0c97f6-5f29-4234-8134-c73270e87c76/Listing%20Image-FLAT.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=393488 idim=1080x1080 ifmt=png ofsz=27670 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"a7wFtcdkxjLa/krIQQu/F1z6m1m5rKq2yysYbYS4MtM"
x-timer
S1732901100.295789,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
27670
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010247
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200167-IAD, cache-fra-etou8220152-FRA
x-cache-hits
54, 1
Listing%20Image-TFXX.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/
38 KB
38 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/69a06fa6-ac5f-41b2-815a-f4393ba28ea9/Listing%20Image-TFXX.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=418766 idim=1080x1080 ifmt=png ofsz=38458 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"TB9fxRLX6LKSLkyz/6aWWld36L2f5k4xEzfE/J+v8wQ"
x-timer
S1732901100.296195,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
38458
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010229
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000068-IAD, cache-fra-etou8220152-FRA
x-cache-hits
101, 1
35200-Skinny-Brew-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/
66 KB
67 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/36bfe798-24ac-4981-aa37-28b0819057b3/35200-Skinny-Brew-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1120093 idim=1081x1081 ifmt=png ofsz=67860 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"UDUY0+ixKHu2U2jRyftu6ZE+U2w/Fd3L2dm99AHg2BA"
x-timer
S1732901100.297292,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
67860
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000085-IAD, cache-fra-etou8220152-FRA
x-cache-hits
4295, 1
33404VALUE-Keto-Coffee-Original-1080x1080px.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/
54 KB
54 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e05e5db1-a33d-40e5-927d-ccfbcea59e7d/33404VALUE-Keto-Coffee-Original-1080x1080px.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=771916 idim=1081x1081 ifmt=png ofsz=55162 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"jWvuEpS+E6l61p00I0x/3UAWaR0iCrChSvagmCgX+Ew"
x-timer
S1732901100.296284,VS0,VE3
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
55162
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-mnz1300716
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100040-IAD, cache-fra-etou8220152-FRA
x-cache-hits
1858, 1
36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/
71 KB
71 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/85a84784-0f1d-4966-814f-7377b1db4bf0/36801VALUE-Skinny-Cold-Brew-White-Mocha-1080x1080.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=1069443 idim=1080x1061 ifmt=png ofsz=72552 odim=1080x1061 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"SqmcRf+Wu6HhOE8r8GlSNZWyQASHefk8UgGysQL59tY"
x-timer
S1732901100.297157,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
72552
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-mnz1300713
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kiad7000077-IAD, cache-fra-etou8220152-FRA
x-cache-hits
8885, 1
32202-HSN.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8af50d0f-2a4a-4fa2-9c3a-07812c7d295e/
25 KB
25 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8af50d0f-2a4a-4fa2-9c3a-07812c7d295e/32202-HSN.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=210788 idim=1081x1081 ifmt=png ofsz=25248 odim=1081x1081 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"S936Ww2KHwPnaAeHo//TzXGyQy8MjMs4+jZH7GzcoOk"
x-timer
S1732901100.296798,VS0,VE4
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
25248
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kjyo7100042-IAD, cache-fra-etou8220152-FRA
x-cache-hits
341, 1
simply%20aloe-us.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0ad3fd5c-1aeb-424c-bc00-789ad3b954aa/
34 KB
34 KB
Image
General
Full URL
https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0ad3fd5c-1aeb-424c-bc00-789ad3b954aa/simply%20aloe-us.png?fm=webp&lossless=false
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42:200::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

fastly-stats
io=1
fastly-io-info
ifsz=324185 idim=1080x1080 ifmt=png ofsz=34786 odim=1080x1080 ofmt=webp
cache-control
public, immutable, max-age=31536000
etag
"8tspzmJ6QdpWoqZ+lb+96TsqHKwvxHUy5qPp2sMieKI"
x-timer
S1732901100.296664,VS0,VE2
accept-ranges
bytes
access-control-allow-origin
*
x-cache
HIT, HIT
content-length
34786
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
fastly-io-served-by
vpop-kiad7010217
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
image/webp
x-served-by
cache-iad-kcgs7200103-IAD, cache-fra-etou8220152-FRA
x-cache-hits
7, 1
wm2vcyrj38.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/wm2vcyrj38.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
c25fd020-dd88-4751-a7eb-4f41ac6c0d5f
content-encoding
br
etag
W/"d2863dc60b0f684a855c8e00d15f38aa"
age
79797
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
y3nqMWqdJ6E32JnJIM__nUH2Lz-hU1-JPfFxvqenqVHvXaT6Wdx7xA==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000118-IAD, cache-fra-etou8220149-FRA
x-runtime
0.089819
x-cache-hits
2, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
92
x-timer
S1732901100.315884,VS0,VE1
via
1.1 37b24eb2de6c1739f649810b6a7d81f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1646
x-amz-cf-pop
IAD61-P4
server
envoy
i06qfn16lm.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/i06qfn16lm.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
30e866cd-d7f3-49f6-aa85-9ce3c49a9e55
content-encoding
br
etag
W/"46678c63b29c092702afdaf6e50f1f00"
age
60818
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
jhwYwgA85D3QN-CukAS2IlyzsFsXj7zM8uE34MV6UIJw1_yfdzlswg==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kiad7000154-IAD, cache-fra-etou8220149-FRA
x-runtime
0.044724
x-cache-hits
32, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
46
x-timer
S1732901100.315472,VS0,VE1
via
1.1 3d0c14144ce4a7fd9b3fd5f94407ec7e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1632
x-amz-cf-pop
IAD61-P4
server
envoy
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.206.112.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-112-129.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://sosexyunwrapped.itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 29 Nov 2024 17:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/
0
0

te7gu92uex.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/te7gu92uex.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
b5fee5e5-aefe-4f60-ae6d-068b810711be
content-encoding
br
etag
W/"dc71751058d6be8b9e4f59918886ebb6"
age
79100
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
1FdC9DQ5pSR7er1rwiDegPfR4wGwEKo2PFzsMdlSpBRbvWWXzKa27Q==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kcgs7200158-IAD, cache-fra-etou8220149-FRA
x-runtime
0.051528
x-cache-hits
5, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
53
x-timer
S1732901100.327338,VS0,VE1
via
1.1 caaddf8ce46d2bfa1216d6fdd9c0393c.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1725
x-amz-cf-pop
IAD61-P4
server
envoy
1gfodsm60p.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/1gfodsm60p.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
2ee9b152-d5ee-4b8d-b49e-b9cda3e74f86
content-encoding
br
etag
W/"a1d7c6554270943da84d7c05e25d4485"
age
17788
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
8lWSDHsoUVPWvv2dj4ssJ17GcIRqfJGvHqEFjNOfmHgVdfERcSwd8w==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100069-IAD, cache-fra-etou8220149-FRA
x-runtime
0.050655
x-cache-hits
5, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
53
x-timer
S1732901100.334002,VS0,VE1
via
1.1 423570c3bf5a4f5c4eaaf51bd2bfafe8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1648
x-amz-cf-pop
MIA3-C4
server
envoy
playPauseLoadingControl.js
fast.wistia.com/assets/external/
83 KB
22 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer

Response headers

content-encoding
br
etag
"b78e19c3156d4b7f50fa301bd17f3627"
age
3422
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 27 Nov 2024 19:27:31 GMT
x-served-by
cache-iad-kjyo7100031-IAD, cache-fra-etou8220149-FRA
x-cache-hits
29, 100
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1732901100.344023,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
22490
asset-version
40669335fc221c473cbbda5170bd8173445157ee
server
AmazonS3
x-amz-server-side-encryption
AES256
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5.webp
embed-ssl.wistia.com/deliveries/
54 KB
54 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5 thumbnail-delivery
etag
nxtYIrT7rXyvokPrf04epxU1djI=
age
167650
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
Kj6bEoPPAsminBpgrnNMH-0VbbN3tmK8vkE1u26AOK2yTTR3NmGXdA==
date
Wed, 27 Nov 2024 18:50:50 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:52:13 UTC
edge-cache-tag
39da8dfb9a3385c058e9bf44770b56eb9dd1f2b5
cache-control
max-age=31536000
x-envoy-upstream-service-time
215
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
1e3173889505ce603c93dad7a5409863988766fa.webp
embed-ssl.wistia.com/deliveries/
218 KB
219 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/1e3173889505ce603c93dad7a5409863988766fa.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
1e3173889505ce603c93dad7a5409863988766fa thumbnail-delivery
etag
JlvbiuPqJNdhMc8X2RE7xoMkL0g=
age
166522
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
VwRTT32JW5uQVTxOLvS4r_qy2uaChia2ql_MhEYXlZLtINsbwONcqQ==
date
Wed, 27 Nov 2024 19:09:38 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:51:10 UTC
edge-cache-tag
1e3173889505ce603c93dad7a5409863988766fa
cache-control
max-age=31536000
x-envoy-upstream-service-time
437
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
a7ca439bd89b6861b05d46492eb1b8537bb908be.webp
embed-ssl.wistia.com/deliveries/
38 KB
38 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/a7ca439bd89b6861b05d46492eb1b8537bb908be.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
a7ca439bd89b6861b05d46492eb1b8537bb908be thumbnail-delivery
etag
FXiGU1SS6rZeSPYzlGNTblXGgyI=
age
166595
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
597Qq_RcoeRtdo9iK4p3IB8tKaf_ixYnikWKEszxLpo4DJmyUB2PGg==
date
Wed, 27 Nov 2024 19:08:25 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:53:44 UTC
edge-cache-tag
a7ca439bd89b6861b05d46492eb1b8537bb908be
cache-control
max-age=31536000
x-envoy-upstream-service-time
224
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
2q4cmg3cqy.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/2q4cmg3cqy.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
df4dcb14-edd3-405f-8ae6-5f0bc4e36c40
content-encoding
br
etag
W/"5d9c4ec1d64330d355b08db7e1ae55b0"
age
16292
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
2I4Edly8i8_4hqu5RLLTwYXZ8NPs3BLL1neDx-F5KUyMfxLdXr0oVw==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kcgs7200079-IAD, cache-fra-etou8220149-FRA
x-runtime
0.052211
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
54
x-timer
S1732901100.412045,VS0,VE2
via
1.1 37b24eb2de6c1739f649810b6a7d81f8.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1630
x-amz-cf-pop
IAD61-P4
server
envoy
g6jd982y56.json
fast.wistia.com/embed/medias/
6 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/g6jd982y56.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
4155f539-85d7-4192-b0bf-d02e5fe26188
content-encoding
br
etag
W/"480be73cddfcdfef742dea71d911b651"
age
31770
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, MISS, HIT
x-amz-cf-id
G98caU-_hJnvGaUHizfbmYrvq9CLlk6ieBgNBLprlJX3KB9o_fx5Sw==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100141-IAD, cache-fra-etou8220149-FRA
x-runtime
0.047443
x-cache-hits
0, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
49
x-timer
S1732901100.477071,VS0,VE2
via
1.1 3ae23fbba4b6248fff2a844692f24c3e.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1594
x-amz-cf-pop
MIA3-C4
server
envoy
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3.webp
embed-ssl.wistia.com/deliveries/
105 KB
105 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3 thumbnail-delivery
etag
C5-Z_AQpT8Xd-bWbqXzypv2LMjc=
age
166522
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
s9omvxeDeNy68UlgZijHYHHTB8AGlop9kK7blLqhLlIBsCxNS-zUEQ==
date
Wed, 27 Nov 2024 19:09:38 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:55:16 UTC
edge-cache-tag
e82746d87bc813065b4b7a7435a8d1ebc5b5c4d3
cache-control
max-age=31536000
x-envoy-upstream-service-time
373
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
b4459cffd49ee322999ea5451fe2ae29.webp
embed-ssl.wistia.com/deliveries/
114 KB
115 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/b4459cffd49ee322999ea5451fe2ae29.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
b4459cffd49ee322999ea5451fe2ae29 thumbnail-delivery
etag
YrDGll-v88onWWFnMzrlL6jgEkg=
age
166522
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
Fo9mrK0929MaZkb_zeKV0zQ_9k2P6Movxpk4T17SiQ--Y3T7B0zBeg==
date
Wed, 27 Nov 2024 19:09:38 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 25 Apr 2024 14:26:18 UTC
edge-cache-tag
b4459cffd49ee322999ea5451fe2ae29
cache-control
max-age=31536000
x-envoy-upstream-service-time
399
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b662e759bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
log
sosexyunwrapped.itworks.com/api/
0
162 B
XHR
General
Full URL
https://sosexyunwrapped.itworks.com/api/log
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Referer
https://sosexyunwrapped.itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b662e769bf8-FRA
access-control-allow-origin
https://sosexyunwrapped.itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:00 GMT
vary
Origin
server
cloudflare
x-powered-by
Express
ph4tkb6tcc.json
fast.wistia.com/embed/medias/
5 KB
2 KB
Fetch
General
Full URL
https://fast.wistia.com/embed/medias/ph4tkb6tcc.json
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
ed9fbaba-e6fe-4b8a-bef9-5b76187abec7
content-encoding
br
etag
W/"be6ae25be3114e46d0f51cdcec943097"
age
74712
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, MISS, HIT
x-amz-cf-id
Jz2Cc2vhVftxMBCZDgWLvaeDdbodH6yJn7ox3c2Md_u1wVv-uPzJPQ==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/json; charset=utf-8
x-served-by
cache-iad-kjyo7100162-IAD, cache-fra-etou8220149-FRA
x-runtime
0.045482
x-cache-hits
0, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
47
x-timer
S1732901101.525747,VS0,VE3
via
1.1 d884448b57edd26b9e1728c6eef625b0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1521
x-amz-cf-pop
MIA3-C4
server
envoy
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5.webp
embed-ssl.wistia.com/deliveries/
84 KB
85 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/93a34e3a6335588b2a1b3f471b08eda0aa8e7af5.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5 thumbnail-delivery
etag
7SKLsVloV_IXASyJ4hoPOuiCPqc=
age
166595
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
2F1f4U-tZWgrPYzMq0JplbOJRJ071Mc0WXJJkQMmHt26saygdPRemA==
date
Wed, 27 Nov 2024 19:08:25 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Thu, 02 May 2024 12:50:09 UTC
edge-cache-tag
93a34e3a6335588b2a1b3f471b08eda0aa8e7af5
cache-control
max-age=31536000
x-envoy-upstream-service-time
290
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
9272fcc3435d54d1554a390ace97e5a57508cbce.webp
embed-ssl.wistia.com/deliveries/
75 KB
76 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/9272fcc3435d54d1554a390ace97e5a57508cbce.webp?image_crop_resized=1080x1920
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
9272fcc3435d54d1554a390ace97e5a57508cbce thumbnail-delivery
etag
UoevK2TVw3YcFSo8LQlFAA8S1Ek=
age
292247
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
Cw8FN5EaME98VtElLGG1SUc8NlU51mQfXoSmJE0C579hphBj74Sw9A==
date
Tue, 26 Nov 2024 08:14:13 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Wed, 24 Jan 2024 14:25:27 UTC
edge-cache-tag
9272fcc3435d54d1554a390ace97e5a57508cbce
cache-control
max-age=31536000
x-envoy-upstream-service-time
305
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
hls_video.js
fast.wistia.com/assets/external/engines/
520 KB
128 KB
Script
General
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer

Response headers

content-encoding
br
etag
"bdbb5c4b7a1559b9f20139f41c1d64da"
age
3597
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 27 Nov 2024 19:27:31 GMT
x-served-by
cache-iad-kcgs7200129-IAD, cache-fra-etou8220149-FRA
x-cache-hits
21, 67
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1732901101.579034,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
130943
asset-version
40669335fc221c473cbbda5170bd8173445157ee
server
AmazonS3
x-amz-server-side-encryption
AES256
e6bff10bc3866908cfc41d3ecefbf463dd87861f.webp
embed-ssl.wistia.com/deliveries/
38 KB
39 KB
Image
General
Full URL
https://embed-ssl.wistia.com/deliveries/e6bff10bc3866908cfc41d3ecefbf463dd87861f.webp?image_crop_resized=720x1280
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:d400:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

surrogate-key
e6bff10bc3866908cfc41d3ecefbf463dd87861f thumbnail-delivery
etag
TrW4iTXFJNkekAbXHpz-DPLMJAY=
age
165393
access-control-request-method
*
x-cache
Hit from cloudfront
x-amz-cf-id
ifHf4PWfCxFXLBv64f3FnVGJkBMR9MVjLL-RRtRL8-YqRKWHiII3Yg==
date
Wed, 27 Nov 2024 19:28:27 GMT
content-type
image/webp
content-disposition
inline
vary
Origin
last-modified
Wed, 24 Jan 2024 14:34:28 UTC
edge-cache-tag
e6bff10bc3866908cfc41d3ecefbf463dd87861f
cache-control
max-age=31536000
x-envoy-upstream-service-time
246
x-cdn
cloudfront
via
1.1 bfa7dfbe8ca6d4eb3690c4c82ca6c0fa.cloudfront.net (CloudFront)
accept-ranges
none
x-amz-cf-pop
FRA56-C2
server
envoy
blank.gif
fast.wistia.com/assets/images/
1 KB
1 KB
Image
General
Full URL
https://fast.wistia.com/assets/images/blank.gif
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

etag
"fbdc4ed9a1e2ee4917a265306927bcf1"
age
849
access-control-allow-methods
GET, HEAD
x-cache
HIT, HIT
date
Fri, 29 Nov 2024 17:25:00 GMT
last-modified
Wed, 10 May 2023 19:48:54 GMT
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220149-FRA
x-cache-hits
3822834, 22
content-type
image/gif
vary
Accept-Encoding
strict-transport-security
max-age=0
cache-control
public, max-age=3600
timing-allow-origin
*
x-timer
S1732901101.640163,VS0,VE0
via
1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
1214
server
AmazonS3
x-amz-server-side-encryption
AES256
skjfu5id0v.m3u8
fast.wistia.com/embed/medias/
944 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/skjfu5id0v.m3u8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
c6f9a3d7-b386-41a5-869d-ee82ecbad0cd
etag
W/"fb858e08c0f4e088d96b8224288c5cce"
age
28
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
ituoudhDiv9uoAjC2sBbr_Li-aC3CfuWflEtanqV1CGwkv8Qa15Rpg==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kiad7000024-IAD, cache-fra-etou8220149-FRA
x-runtime
0.030793
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
32
x-timer
S1732901101.643374,VS0,VE1
via
1.1 c09e1ee371c0b677b7724c2a52462928.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
944
x-amz-cf-pop
IAD61-P4
server
envoy
a3591ba5e949a37083cc6f5a4191e903.min.js
js.sentry-cdn.com/
3 KB
2 KB
Script
General
Full URL
https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:600::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; img-src * blob: data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; default-src 'none'; style-src * 'unsafe-inline'; worker-src blob:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=592c540d78442e286f1d1e0a28c7edf2013afd6c
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options deny
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://sosexyunwrapped.itworks.com
Referer
https://sosexyunwrapped.itworks.com/

Response headers

content-encoding
gzip
age
53
x-envoy-attempt-count
1
x-content-type-options
nosniff
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
text/javascript
x-served-by
getsentry-web-default-common-production-6558bcdfdf-jz5k9, cache-chi-klot8100079-CHI, cache-fra-etou8220051-FRA
vary
Accept-Encoding
x-frame-options
deny
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' *.sentry.io; font-src * data:; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; media-src *; img-src * blob: data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; object-src 'none'; default-src 'none'; style-src * 'unsafe-inline'; worker-src blob:; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=592c540d78442e286f1d1e0a28c7edf2013afd6c
cache-control
public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin
*
x-envoy-upstream-service-time
27
accept-ranges
bytes
access-control-allow-origin
*
content-length
1331
x-xss-protection
1; mode=block
wm2vcyrj38.m3u8
fast.wistia.com/embed/medias/
759 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/wm2vcyrj38.m3u8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
7fb2cf54-16ed-43a8-9579-458c494306e8
etag
W/"bee43e8cff4a2668af5b0952301a7168"
age
28
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
5rWF5End5nWBq9eQgAKMO0P8t3oK8qxQ8Sz7yPfAC2Sg1TPtzVGiJQ==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kcgs7200168-IAD, cache-fra-etou8220149-FRA
x-runtime
0.029641
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
31
x-timer
S1732901101.651045,VS0,VE1
via
1.1 43ea6d4d093c6f8fb9edddca6fa0cf36.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
759
x-amz-cf-pop
IAD61-P4
server
envoy
i06qfn16lm.m3u8
fast.wistia.com/embed/medias/
755 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/i06qfn16lm.m3u8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
23eec584-f2dc-4ff1-8125-c478af82f2d4
etag
W/"d71ef23ee569134e58f2bef27d44cc57"
age
28
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
MRwCzqDZcKxC97v8nTKGWE4qmEVE0vdOhTIgME0iJhPD3ZWbC8WAGg==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kcgs7200107-IAD, cache-fra-etou8220149-FRA
x-runtime
0.031431
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
33
x-timer
S1732901101.651024,VS0,VE1
via
1.1 f7aa8e8c7d84529aeae571755a6e9848.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
755
x-amz-cf-pop
IAD61-P4
server
envoy
te7gu92uex.m3u8
fast.wistia.com/embed/medias/
945 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/te7gu92uex.m3u8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
2d8bda99-6845-4a38-a00b-42b1465f2347
etag
W/"d57e42bb8a1b1a54c243d18a45d5626b"
age
28
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
qWJ0DIcXQZiZDz0SwbMaVxHuUzO6WBqMIznlO3wgGeihEzhmPMbc7A==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kjyo7100075-IAD, cache-fra-etou8220149-FRA
x-runtime
0.031821
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
33
x-timer
S1732901101.654712,VS0,VE1
via
1.1 a0d145d0791dd4e5051fa117c0e46d48.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
945
x-amz-cf-pop
IAD61-P4
server
envoy
1gfodsm60p.m3u8
fast.wistia.com/embed/medias/
946 B
1 KB
XHR
General
Full URL
https://fast.wistia.com/embed/medias/1gfodsm60p.m3u8
Requested by
Host: sosexyunwrapped.itworks.com
URL: https://sosexyunwrapped.itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::644 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://sosexyunwrapped.itworks.com/

Response headers

x-request-id
dc27124e-072f-4200-9b96-72739eca4a9b
etag
W/"6525e467367e04ff55b5e8f84d96cee0"
age
27
x-permitted-cross-domain-policies
none
x-content-type-options
nosniff
x-cache
Miss from cloudfront, HIT, HIT
x-amz-cf-id
x45ychqC605uPw5BTVgsQyRjLfxOh8pDndEQGjmktFLd0HmxQVGU6A==
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
application/x-mpegURL
x-served-by
cache-iad-kjyo7100026-IAD, cache-fra-etou8220149-FRA
x-runtime
0.039633
x-cache-hits
12, 1
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security
max-age=0
cache-control
public, no-cache
timing-allow-origin
*
x-envoy-upstream-service-time
41
x-timer
S1732901101.659062,VS0,VE1
via
1.1 d178845d60baf589ab6db5ec371a50a0.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser
chrome
x-ecma-v
modern
x-browser-version
131
accept-ranges
bytes
access-control-allow-origin
*
content-length
946
x-amz-cf-pop
MIA3-P4
server
envoy
2q4cmg3cqy.m3u8
fast.wistia.com/embed/medias/
0
0

g6jd982y56.m3u8
fast.wistia.com/embed/medias/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

3d131646d32d9a984e41dbd013fa569aed50c396.m3u8
embed-cloudfront.wistia.com/deliveries/
0
0

collect
region1.analytics.google.com/g/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

/
fg8vvsvnieiv3ej16jby.litix.io/
0
0

rum
sosexyunwrapped.itworks.com/cdn-cgi/
0
0

fa-solid-900.ttf
sosexyunwrapped.itworks.com/portal/
0
0

fa-regular-400.ttf
sosexyunwrapped.itworks.com/portal/
0
0

jquery-2.2.4.min.js
code.jquery.com/
84 KB
0
Script
General
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
etag
W/"28feccc0-14e4a"
age
2891767
x-cache
MISS, HIT
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
x-cache-hits
0, 130073
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-served-by
cache-lga21935-LGA, cache-fra-etou8220135-FRA
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1732901096.450924,VS0,VE0
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
29811
server
nginx
js
maps.googleapis.com/maps/api/
236 KB
20 B
Script
General
Full URL
https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ba1f3034314fc03471d0d8f5de3b007f3df2ed2c3f5184051f96457f7b97e3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
public, max-age=1800, stale-while-revalidate=3600
timing-allow-origin
*
content-encoding
gzip
etag
96bf4df9
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
81599
date
Fri, 29 Nov 2024 17:25:00 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
vary
Accept-Language, Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
gtm.js
www.googletagmanager.com/
313 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f289714d4bdfd52c75f977e580f409faa1fd9fe6bf7fc3aa503145683fb7e607
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Fri, 29 Nov 2024 17:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Fri, 29 Nov 2024 15:00:00 GMT
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97234
x-xss-protection
0
server
Google Tag Manager
analytics.js
www.google-analytics.com/
52 KB
0
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
age
6077
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 17:43:39 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 15:43:39 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
js
www.googletagmanager.com/gtag/
416 KB
0
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62a44d5dcb2c1b564996db0daa9d3ca7cca3d4c7c373ed98fa8269835e6f8641
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Fri, 29 Nov 2024 17:24:56 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
136186
x-xss-protection
0
server
Google Tag Manager
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587z879783485za200zb79783485&_p=1732901100708&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=582119194.1732901101&ecid=1275739464&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1732901100&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=500
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
text/plain
server
Golfe2
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587z879783485za200zb79783485&_p=1732901100708&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=582119194.1732901101&ecid=1275739464&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=2&sid=1732901100&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=user_login_status&ep.login_status=Logged%20Out&_et=1&tfd=505
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:25:00 GMT
content-type
text/plain
server
Golfe2
gen_204
maps.googleapis.com/maps/api/mapsjs/
3 B
44 B
XHR
General
Full URL
https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
Requested by
Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
content-encoding
gzip
x-content-type-options
nosniff
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23
date
Fri, 29 Nov 2024 17:25:00 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
vary
Origin, X-Origin, Referer
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
styles.d19a2841d4f74e4b.css
itworks.com/portal/
1 MB
170 KB
Stylesheet
General
Full URL
https://itworks.com/portal/styles.d19a2841d4f74e4b.css
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ccd3193007afb621d7d338f9ddae0b8fef582cf8f5b5c58a7bc88a809622c752
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10f046-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8ac9bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
runtime.d3b51e990239ac77.js
itworks.com/portal/
3 KB
2 KB
Script
General
Full URL
https://itworks.com/portal/runtime.d3b51e990239ac77.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
8af9459dd55f42f8d1b9b3e2cbe8619fbf57438767964def87db29cb45678b7d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"dd9-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8ae9bf8-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
polyfills.4eabdd1b793ab22a.js
itworks.com/portal/
69 KB
25 KB
Script
General
Full URL
https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"11535-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8b19bf8-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
scripts.7f0b88fdce9e9506.js
itworks.com/portal/
123 KB
45 KB
Script
General
Full URL
https://itworks.com/portal/scripts.7f0b88fdce9e9506.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"1ea78-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8b29bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
main.05051b540671ea5a.js
itworks.com/portal/
3 MB
779 KB
Script
General
Full URL
https://itworks.com/portal/main.05051b540671ea5a.js
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
4b43152bd44f0a43a0bf096c07e5788dda034c30f66def71647973397f7a84d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"30b9c4-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=2592000
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8b49bf8-FRA
access-control-allow-origin
https://itworks.com
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
vcd15cbe7772f49c399c6a5babf22c1241717689176015
static.cloudflareinsights.com/beacon.min.js/
19 KB
0
Script
General
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

cache-control
public, max-age=86400
content-encoding
gzip
etag
W/"2024.6.1"
cross-origin-resource-policy
cross-origin
cf-ray
8ea44b4dfd8dd292-FRA
access-control-allow-origin
*
date
Fri, 29 Nov 2024 17:24:56 GMT
content-type
text/javascript;charset=UTF-8
last-modified
Thu, 06 Jun 2024 15:52:56 GMT
vary
Accept-Encoding
server
cloudflare
UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
fonts.gstatic.com/s/inter/v18/
47 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v18/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7.woff2
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://itworks.com
Referer
https://itworks.com/

Response headers

age
109818
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 28 Nov 2025 10:54:38 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 28 Nov 2024 10:54:38 GMT
last-modified
Mon, 29 Jul 2024 22:51:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48444
x-xss-protection
0
server
sffe
5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 29 Nov 2024 17:25:02 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
3
x-served-by
cache-fra-etou8220020-FRA
x-timer
S1732901102.236759,VS0,VE0
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ Frame
0
0
Preflight
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
x-launchdarkly-user-agent
Access-Control-Request-Method
GET
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods
GET, OPTIONS, HEAD
access-control-allow-origin
*
access-control-max-age
3600
age
0
allow
GET, OPTIONS, HEAD
content-encoding
gzip
content-length
23
date
Fri, 29 Nov 2024 17:25:02 GMT
ld-region
us-east-1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 varnish
x-cache
HIT
x-cache-hits
4
x-served-by
cache-fra-etou8220020-FRA
x-timer
S1732901102.237553,VS0,VE0
level
itworks.com/api/log/
20 B
216 B
XHR
General
Full URL
https://itworks.com/api/log/level
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

cf-cache-status
DYNAMIC
etag
W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
access-control-allow-credentials
true
cf-ray
8ea44b70e8a59bf8-FRA
alt-svc
h3=":443"; ma=86400
content-length
20
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-powered-by
Express
server
cloudflare
countries
services.itworks.com/countries/v1/
3 KB
0
XHR
General
Full URL
https://services.itworks.com/countries/v1/countries
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1083 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Referer
https://itworks.com/

Response headers

correlationid
e0dc0a31c8479ccdfad31f743212b42e
xdebug
S:
access-control-expose-headers
CorrelationId
content-encoding
gzip
cf-cache-status
MISS
expires
Fri, 29 Nov 2024 21:24:58 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:24:58 GMT
xpassedheaderkey
S:
content-type
application/json; charset=utf-8
vary
Accept-Encoding
messageid
50eff14d-c5b9-4936-9ccd-a99a8e7748ea
last-modified
Fri, 29 Nov 2024 17:24:58 GMT
xcalledservice
S:https://see-inbound-policy.com/
cache-control
public, max-age=14400
xpassedquerykey
S:
xpassedapikey
S:
xoriginalurl
S:services.itworks.com
request-context
appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
cf-ray
8ea44b588a14d345-FRA
access-control-allow-origin
*
xbypasstokenvalidation
S:True
server
cloudflare
bag
itworks.com/ajax/
0
0

5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/
2 B
45 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://itworks.com/

Response headers

content-md5
d751713988987e9331980363e24189ce
access-control-max-age
300
content-encoding
gzip
etag
"d751713988987e9331980363e24189ce"
age
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-cache
HIT
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
application/json
x-served-by
cache-fra-etou8220020-FRA
x-cache-hits
2
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
vary
Accept-Encoding
cache-control
max-age=0
x-timer
S1732901102.244145,VS0,VE0
ld-region
us-east-1
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
26
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/
43 KB
64 B
XHR
General
Full URL
https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
b3b444223e2a69996578ff4da4b3411f8923ac8b05fa70ced990fee22a05aa6d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
X-LaunchDarkly-User-Agent
JSClient/3.4.0
Referer
https://itworks.com/

Response headers

access-control-max-age
3600
content-encoding
gzip
etag
"576dbb"
age
0
access-control-allow-methods
OPTIONS, GET
x-cache
HIT
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
application/json
x-served-by
cache-fra-etou8220020-FRA
x-cache-hits
0
vary
Authorization, Accept-Encoding
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
cache-control
max-age=0
retry-after
0
x-timer
S1732901102.244018,VS0,VE0
via
1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
6021
server
Varnish
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587za200zb79783485&_p=1732901100708&gcs=G100&gcd=13p3p3p2p5l1&npa=1&dma_cps=-&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=582119194.1732901101&ecid=1275739464&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=3&sid=1732901100&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=2&tfd=2018
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
text/plain
server
Golfe2
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587za200zb79783485&_p=1732901100708&gcs=G111&gcu=1&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&gcut=3&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=4&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fitworks.com%2F&dr=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=It%20Works!&en=user_engagement&ep.ga_temp_client_id=582119194.1732901101&ep.ga_temp_ecid=1275739464&_et=1511&tfd=2018
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
72 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-B9ZCN4XJNP&cid=1941793914.1732901097&gtm=45je4bk0v890894587za200zb79783485&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13r3r3r2r5l1&npa=0&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c&gtm=45He4bk0v79783485za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://itworks.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
text/plain
server
Golfe2
styles.d19a2841d4f74e4b.css
itworks.com/portal/
1 MB
0
Stylesheet
General
Full URL
https://itworks.com/portal/styles.d19a2841d4f74e4b.css
Requested by
Host: itworks.com
URL: https://itworks.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
ccd3193007afb621d7d338f9ddae0b8fef582cf8f5b5c58a7bc88a809622c752
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

content-encoding
gzip
cf-cache-status
MISS
etag
W/"10f046-1936e5e0a08"
x-content-type-options
nosniff
expires
Fri, 29 Nov 2024 21:25:01 GMT
alt-svc
h3=":443"; ma=86400
date
Fri, 29 Nov 2024 17:25:01 GMT
content-type
text/css; charset=UTF-8
last-modified
Wed, 27 Nov 2024 16:04:37 GMT
vary
Origin, Accept-Encoding
x-frame-options
SAMEORIGIN
content-security-policy
frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cache-control
public, max-age=14400
access-control-allow-credentials
true
referrer-policy
strict-origin-when-cross-origin
cf-ray
8ea44b67f8ac9bf8-FRA
x-xss-protection
1; mode=block
x-powered-by
Express
server
cloudflare
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ Frame
0
0
Preflight
General
Full URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
52.206.112.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-112-129.compute-1.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-launchdarkly-user-agent
Access-Control-Request-Method
POST
Origin
https://itworks.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Date
access-control-max-age
300
date
Fri, 29 Nov 2024 17:25:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains
5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/
0
0

log
itworks.com/api/
0
0

rum
itworks.com/cdn-cgi/
0
138 B
XHR
General
Full URL
https://itworks.com/cdn-cgi/rum?
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
content-type
application/json
Referer
https://itworks.com/

Response headers

access-control-max-age
86400
access-control-allow-credentials
true
access-control-allow-methods
POST,OPTIONS
x-content-type-options
nosniff
cf-ray
8ea44b7169009bf8-FRA
access-control-allow-origin
https://itworks.com
date
Fri, 29 Nov 2024 17:25:02 GMT
vary
Origin
server
cloudflare
x-frame-options
DENY
favicon.svg
static.myitworks.com/themes/rws-v3/images/
841 B
0
Other
General
Full URL
https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://itworks.com/

Response headers

Cache-Control
public, max-age=14400
Content-Encoding
gzip
CF-Cache-Status
HIT
etag
W/"28dcb8f1704cd91:0"
Age
1054
CF-RAY
8ea44b58af0f3655-FRA
Expires
Fri, 29 Nov 2024 21:24:58 GMT
access-control-allow-origin
*
Date
Fri, 29 Nov 2024 17:24:58 GMT
Content-Type
image/svg+xml
last-modified
Wed, 01 Mar 2023 19:06:35 GMT
Vary
Accept-Encoding
Server
cloudflare
access-control-allow-headers
Content-Type,Authorization
eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/
43 KB
0
EventSource
General
Full URL
https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTA3In0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.235.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa1ba9bef7b18c265.awsglobalaccelerator.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Cache-Control
no-cache
Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
text/event-stream

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
access-control-max-age
300
cache-control
no-cache, no-store, must-revalidate
ld-region
eu-west-1
access-control-allow-methods
GET,OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
date
Fri, 29 Nov 2024 17:25:02 GMT
content-type
text/event-stream; charset=utf-8
access-control-allow-headers
Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper
log
itworks.com/api/
0
150 B
XHR
General
Full URL
https://itworks.com/api/log
Requested by
Host: itworks.com
URL: https://itworks.com/portal/polyfills.4eabdd1b793ab22a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://itworks.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json

Response headers

cf-cache-status
DYNAMIC
access-control-allow-credentials
true
cf-ray
8ea44b72098e9bf8-FRA
access-control-allow-origin
https://itworks.com
alt-svc
h3=":443"; ma=86400
content-length
0
date
Fri, 29 Nov 2024 17:25:02 GMT
vary
Origin
server
cloudflare
x-powered-by
Express

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/portal/fa-regular-400.woff2
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/portal/fa-solid-900.woff2
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/portal/Inter-roman.var.woff2?v=3.19
Domain
events.launchdarkly.com
URL
https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04
Domain
fast.wistia.com
URL
https://fast.wistia.com/embed/medias/2q4cmg3cqy.m3u8
Domain
fast.wistia.com
URL
https://fast.wistia.com/embed/medias/g6jd982y56.m3u8
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
embed-cloudfront.wistia.com
URL
https://embed-cloudfront.wistia.com/deliveries/3d131646d32d9a984e41dbd013fa569aed50c396.m3u8
Domain
region1.analytics.google.com
URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je4bk0v890894587za200zb79783485&_p=1732901096432&gcs=G111&gcd=13r3r3r2r5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1941793914.1732901097&ecid=7317237&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=6&sid=1732901096&sct=1&seg=0&dl=https%3A%2F%2Fsosexyunwrapped.itworks.com%2F&dt=Home%20%7C%20IT%20WORKS!&en=user_engagement&_et=2147&tfd=4854
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
fg8vvsvnieiv3ej16jby.litix.io
URL
https://fg8vvsvnieiv3ej16jby.litix.io/
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/cdn-cgi/rum?
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/portal/fa-solid-900.ttf
Domain
sosexyunwrapped.itworks.com
URL
https://sosexyunwrapped.itworks.com/portal/fa-regular-400.ttf
Domain
itworks.com
URL
https://itworks.com/ajax/bag
Domain
events.launchdarkly.com
URL
https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04
Domain
itworks.com
URL
https://itworks.com/api/log

Verdicts & Comments Add Verdict or Comment

179 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer string| GoogleAnalyticsObject function| ga function| onGoogleMapsLoad function| $ function| jQuery object| google_tag_manager object| google_tag_data object| gaplugins object| gaGlobal object| google object| litHtmlVersions object| litElementVersions object| reactiveElementVersions object| module$contents$mapsapi$overlay$overlayView_OverlayView object| webpackChunkportal function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononpageswappatched boolean| __zone_symbol__ononpagerevealpatched boolean| __zone_symbol__ononscrollendpatched boolean| __zone_symbol__ononscrollsnapchangepatched boolean| __zone_symbol__ononscrollsnapchangingpatched boolean| __zone_symbol__ononYouTubeIframeAPIReadypatched function| __zone_symbol__queueMicrotask object| CQPolyfill object| __core-js_shared__ object| Sailthru function| SwiperElementRegisterParams object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse object| __zone_symbol__resizefalse object| __zone_symbol__loadfalse object| __zone_symbol__pagehidefalse object| __cfBeacon object| __zone_symbol__visibilitychangetrue object| __zone_symbol__prerenderingchangetrue object| __zone_symbol__pageshowtrue object| __zone_symbol__keydowntrue object| __zone_symbol__clicktrue object| __zone_symbol__pagehidetrue object| __zone_symbol__loadtrue function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener function| eventListeners function| removeAllListeners

9 Cookies

Domain/Path Name / Value
.itworks.com/ Name: toggle-user
Value: US-en-RC-07
.itworks.com/ Name: cf_clearance
Value: vanBaJ_RwKgPC561e_RYs_R0BcMvjcKmKmKXC5Dy5oc-1732901098-1.2.1.1-suTGDklI7zyo2DN9N.UgUKqeeaoqxuMUHmuNPKfK07ZKBx8JA.bFAI0LiBTuM1TBW5bMWcqFxAQ2OrfJFUAEn0Un8bgMJCCpZp6Nptuqll3u_u.23VHQGrNKgZUPwjx6RvVzbRsVHqL4FGiK0.BXpkwwYm880udKz_6ejgVC8sjbKciy7umQbkN3xuzKFzVPpfnh_6fkeyHtm23Y9s4vZ6CYm9olGWHi5J1760f3n0e2S5Nt1kOm5OPtFayoqGw_IaybQrRX0dhWsO7zCTpjHpX6kEgX9hTjpFOeotcbJrhMZuyeYJPkglnLbRsPtao8JTyuP43fY4cWFkVXBYYiKxTHH.HF67iFIRjMCOCOfLEO9zRXB_eV9iPAoJ5SdhS6
.itworks.com/ Name: IWGDetectedLocale
Value: en-US
.itworks.com/ Name: IWGCountrySlug
Value: US
.itworks.com/ Name: IWGLanguageSlug
Value: en
.itworks.com/ Name: _ga
Value: GA1.1.1941793914.1732901097
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.itworks.com/ Name: IWGSessionGuid
Value: {4C3A5311-A2E6-4004-ACD7-B5010D84011A}
.itworks.com/ Name: _ga_B9ZCN4XJNP
Value: GS1.1.1732901096.1.0.1732901102.56.0.7317237

3 Console Messages

Source Level URL
Text
network error URL: https://services.itworks.com/customer/v1/profiles/sosexyunwrapped
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://services.itworks.com/customer/v1/profiles/sosexyunwrapped/details
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://services.itworks.com/customer/v1/profiles/sosexyunwrapped/details
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
d20519brkbo4nz.cloudfront.net
embed-cloudfront.wistia.com
embed-ssl.wistia.com
events.launchdarkly.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
fonts.gstatic.com
itworks.com
js.sentry-cdn.com
maps.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
services.itworks.com
settings.luckyorange.com
sosexyunwrapped.itworks.com
static.cloudflareinsights.com
static.myitworks.com
stats.g.doubleclick.net
td.doubleclick.net
www.google-analytics.com
www.google.de
www.googletagmanager.com
embed-cloudfront.wistia.com
events.launchdarkly.com
fast.wistia.com
fg8vvsvnieiv3ej16jby.litix.io
itworks.com
region1.analytics.google.com
sosexyunwrapped.itworks.com
151.101.66.217
2001:4860:4802:34::36
2600:9000:2057:8200:18:6c16:27c0:93a1
2600:9000:211e:d400:1e:c86:4140:93a1
2606:4700::6810:5049
2606:4700::6812:1079
2606:4700::6812:1083
2606:4700::6812:1183
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2002
2a00:1450:4001:81d::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9d
2a04:4e42:200::347
2a04:4e42:200::649
2a04:4e42:400::644
2a04:4e42:600::729
3.33.235.18
34.107.203.234
52.206.112.129
027d5dde165217da2bb31aa5878ebc0b962d49096b31ab956f4c3d0af2a0dd98
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0bca1585cfca8f2b441e7182276fb74de04791acb5d5749eaf411663ceacef5a
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b
13ce14e782b5d1654868ee929c6582d4e323fe777d40137f63436fd04abccdc9
16947687beb9dc990fd780f4144efdb292d9474c1f74497aa9a917f03d93f026
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028
1bf86f4bb298f2bb0fe125898af89e0f3ac7ec8cf2c53f5edef23a12451a8b73
1d710c548f888055f380f9fff8aec43d5f2bbf702c9aa12e1e3c35b76dfb5713
1fac3e4ab6275edf62271210d3ac8e2b77c182d5d17e0dcd59d89bc5fdbb6d4b
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
349070e7a44a2c6e0cb83d8553f6ff84e2ba63fc95bd4bf6a2c78e8815202c1c
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7
371734ccf792a68daff9693f3f46354567058c36ff02354a849237a43c1187b8
3920c003f19fdf6657c4bd18010ac6be95e6e900b7b2fbc4ca2f647c8e2ca003
3b1c46457ffb85c80d2ea57045d1f46910c75ed7efa6c075fdb4abd623555b37
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
40de9dce6925143754290df4d2ce2c30aede203a6d444ba50bdd2c5d6c61a438
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
48297ac13e76efd39f64d23005c41a9d27bf6528ec62faba0715f07fc42a0260
496c6f4130c58605065dc4de7dcfc7954587927810df71251997e10dab1ca636
4b43152bd44f0a43a0bf096c07e5788dda034c30f66def71647973397f7a84d1
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f
52fbeac0ef5949dc15505d9c399e60f7e889fbee6274faa71a9a97e1481e85ed
541d5c9825bd44636e773090fc882bb69d8d978c99b5e1ddf62f30538774755a
5520e06b9dfd27b6470edd04bf2c378852a9954e2b3bd7ce0368675946a7c82e
5f0b991341c5ee865f300b79379c04948cb14436ac1a336092c7f4d036cf98df
62a44d5dcb2c1b564996db0daa9d3ca7cca3d4c7c373ed98fa8269835e6f8641
64b1fb0730a1573b37b164dc32848fd6298ca1116285991f86228c42b312d52a
65d903dccf854e3d4773f29d0e3be13bb68af2783af665ae4586a18ad7518ccd
6612a5882703839b3abb0db52ca478d4476c005dbe627bc9bc8735664f73046c
67a95fff86e458504a10a5445c9e3bea23494aa4fd52561c0ce0988fd951d076
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf
686472c4e28141b1b8b4433c5b529cb74fc99219396897f6daafed92b4b50378
69c4071373971f9806d9244695a40aee5cfd39ba8973e880706c31de371210cd
69e067e12d35f19d81236ce13b12dc0212198ec308c943cbfa965917770785d2
6efd263e86a0fad177ebe779681067bf4a9d8606cb543e3e71e23af9be8e7bda
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b
76e7797c039a87bac86bfd1b7e242a7fe9cca40ef1e122fd577c7c5809a2a8c4
7d3a5c14c1aa5549f33fc18ec25f66b70ca9703a6407464d5a951d9239a17f05
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
88f3fa7f0fd796bf675f2e7f0aac695f4be1ca0282540a2ccce59fab4da15fce
893943a40dc646ad4f2582ed5012a0dbc63be6f2f2ad6986ad3693690cd20992
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8af9459dd55f42f8d1b9b3e2cbe8619fbf57438767964def87db29cb45678b7d
8bde8c262105b0b4001279d19d0aeab2915799d7869b34e2a07bfe6834aeefe3
92d5d83378e4f715a5a194afb2de4799954b0e0225164fa6144c5f1302a26595
95ad3a4e268330737e27ab319b967bd876d34ff11d061b7272060e57f89c21ba
9abef7b8e2c439b56e2f20270974622f04b9041d7b393560174de09a4257f5fd
9f856c8414143f27e5dd06dab33f37003f605eb4ac572f908c08123d2973bc9e
a12d20090da3b4b1b0eb020379148e317323e1fea3087723d4186c54d22e5946
ac8ceb901b0a197b5a1520a6424fd0dd3bea8c3098afa231ea1297c172f47e68
acc7bdc9dc2f60d65ca2dd0850885287b39fbf4c37ac3f3368640a8580b8f7f2
ae355ec264fc32deecb1bc5ab9863d755b9a4dbdd71cd687aedcfc130f067291
b3b444223e2a69996578ff4da4b3411f8923ac8b05fa70ced990fee22a05aa6d
b81cdd2d178c120aa79d3f1971a24dd47d48b0147c495201e224b22ea8818070
ba1f3034314fc03471d0d8f5de3b007f3df2ed2c3f5184051f96457f7b97e3de
c097e1027f753314a7dd90cb77375c5ac6782186da491ad822c7b0b584d804bc
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cca4851fa7a29a0607378c513516b3f892446d4a6a0c8cc33e6cfae6e2412ba9
ccd3193007afb621d7d338f9ddae0b8fef582cf8f5b5c58a7bc88a809622c752
cf422544f33d68cc402b9a7389b4f15d5ce54a0d4981a657c2952c6a65ed9c6d
d17a761a107c7b27e2aae1e12a2be31159021f0605ec2dccf9f5ef0802ff3bdd
d17b6e37d3db4b1f5703a79c122955e0c0a41f9986459507a93a5d42630751fc
d34d2bfeea83103cd26afcf72edefdd91bd710234af44374edc3506b148ae40c
d3db141429a250044d131a10847e705de586b775973b22d29dd4c41260e27e17
d92dbd1300eef39f0b27ca0e2a01087a64e3d84384a9196425fce5713cea7921
d94efbd74579fca79b44d18fa974a67cc3263d59de33eeeca82fa5bdbd2aef84
dc9d671ca07085015d0aa4382112952ba9c026209a406752223df07d8a8d3317
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfd4a1547459f6dc1c2990a4ca2b5414ca38bd4404f2c1da8558031c237ba156
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9a8a9616e00c029d5725cc5dd0c49d15497f03efd13e7489864d61a85ac2a
eacb09800283c6960dc661e6700fe37d4f1555376a0a582f8efc2c41faef1a69
ed99a52835c699e332389b40595117350c7f12540883dfca237d5d8dfe3a215b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f052ee44c3728dfd23aba8a4567150bc314d23903026fbb6ad089422c2df56af
f239ebcaeae914c4ad3dbab07ec5d473da0938162ed714b06aee76fac77c1932
f289714d4bdfd52c75f977e580f409faa1fd9fe6bf7fc3aa503145683fb7e607
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f5aead7887510db7045f3374e5c70a88f9ebf8eeca74235435ec0cb2fdb1c2f3
f6093b16472adce538b1ed39291e9fa93f528611e14e4ce17540548376b8a3c9
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
f8432ad7f6da1fea69d56dcf18925971198095ae2d30ffaf8a613645f6c78a7f
f85430cdc730c3f6138eaa1d8491508bdaac5417f50a9155a30da65f2bf71603
fa20aa7e572a72d4b449019d735d93c957572bbf8ddef591336533a76264b7e4