urlscan.io logo urlscan.io
SecurityTrails logo

blog.well-being-review.com Open in urlscan Pro
2600:9000:275d:d400:a:315a:e1c0:93a1  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://blog.well-being-review.com/mcflash-garantie
Effective URL: https://blog.well-being-review.com/mcflash-paiement
Submission: On August 13 via api from BE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 6 domains to perform 39 HTTP transactions. The main IP is 2600:9000:275d:d400:a:315a:e1c0:93a1, located in United States and belongs to AMAZON-02, US. The main domain is blog.well-being-review.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on June 21st 2024. Valid for: a year.
This is the only time blog.well-being-review.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 2600:9000:275... 16509 (AMAZON-02)
3 2600:9000:239... 16509 (AMAZON-02)
3 2600:9000:210... 16509 (AMAZON-02)
2 2620:1ec:bdf::44 8075 (MICROSOFT...)
3 184.28.89.148 16625 (AKAMAI-AS)
3 2600:9000:223... 16509 (AMAZON-02)
5 2600:9000:26d... 16509 (AMAZON-02)
3 3.160.150.32 16509 (AMAZON-02)
2 64.202.112.95 23352 (SERVERCEN...)
9 3.160.150.64 16509 (AMAZON-02)
3 4.153.72.49 8075 (MICROSOFT...)
1 2 13.74.129.1 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
39 12
3    2600:9000:275d:d400:a:315a:e1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
blog.well-being-review.com
3    2600:9000:2394:c00:1c:d937:ae40:93a1 (United States)

ASN16509 (AMAZON-02, US)
d3fit27i5nzkqh.cloudfront.net
3    2600:9000:2104:4600:2:5a9d:3800:21 (United States)

ASN16509 (AMAZON-02, US)
d33vglzdi1uj1c.cloudfront.net
2    2620:1ec:bdf::44 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
3    184.28.89.148 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-28-89-148.deploy.static.akamaitechnologies.com
amplify.outbrain.com
wave.outbrain.com
3    2600:9000:223f:3000:f:e793:dc40:21 (United States)

ASN16509 (AMAZON-02, US)
d3syewzhvzylbl.cloudfront.net
5    2600:9000:26db:200:f:a462:c1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
d1yei2z3i6k35z.cloudfront.net
3    3.160.150.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-32.fra60.r.cloudfront.net
js.stripe.com
2    64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
9    3.160.150.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-150-64.fra60.r.cloudfront.net
js.stripe.com
3    4.153.72.49 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
i.clarity.ms
2    13.74.129.1 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
Apex Domain
Subdomains		 Transfer
14 cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d33vglzdi1uj1c.cloudfront.net
d3syewzhvzylbl.cloudfront.net
d1yei2z3i6k35z.cloudfront.net
3 MB
12 stripe.com
js.stripe.com — Cisco Umbrella Rank: 2856
192 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 1114
i.clarity.ms — Cisco Umbrella Rank: 17859
c.clarity.ms — Cisco Umbrella Rank: 1838
29 KB
5 outbrain.com
amplify.outbrain.com — Cisco Umbrella Rank: 4363
tr.outbrain.com — Cisco Umbrella Rank: 4248
wave.outbrain.com — Cisco Umbrella Rank: 4246
10 KB
3 well-being-review.com
blog.well-being-review.com
39 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 341
775 B
39 6
Domain Requested by
12 js.stripe.com d33vglzdi1uj1c.cloudfront.net
js.stripe.com
5 d1yei2z3i6k35z.cloudfront.net blog.well-being-review.com
3 i.clarity.ms d33vglzdi1uj1c.cloudfront.net
3 d3syewzhvzylbl.cloudfront.net blog.well-being-review.com
3 d33vglzdi1uj1c.cloudfront.net blog.well-being-review.com
3 d3fit27i5nzkqh.cloudfront.net blog.well-being-review.com
d33vglzdi1uj1c.cloudfront.net
3 blog.well-being-review.com 1 redirects
2 c.clarity.ms 1 redirects
2 tr.outbrain.com d33vglzdi1uj1c.cloudfront.net
amplify.outbrain.com
2 amplify.outbrain.com blog.well-being-review.com
d33vglzdi1uj1c.cloudfront.net
2 www.clarity.ms blog.well-being-review.com
www.clarity.ms
1 c.bing.com 1 redirects
1 wave.outbrain.com amplify.outbrain.com
39 13

This site contains links to these domains. Also see Links.

Domain
blog.revue-bien-etre.com
Subject Issuer Validity Valid
blog.well-being-review.com
Amazon RSA 2048 M03		 2024-06-21 -
2025-07-20		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-07 -
2024-12-07		 a year crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-14 -
2024-12-14		 a year crt.sh
a.stripecdn.com
DigiCert SHA2 Extended Validation Server CA		 2024-07-23 -
2024-10-24		 3 months crt.sh
a.clarity.ms
Microsoft Azure RSA TLS Issuing CA 08		 2024-06-23 -
2025-06-18		 a year crt.sh

This page contains 10 frames:

Primary Page: https://blog.well-being-review.com/mcflash-paiement
Frame ID: 54DC947438C8787C081B902859EDAA94
Requests: 30 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-with-preconnect-3b732b72524bc44d6a92203c81329a67.html
Frame ID: A931C81ABD7C383BD8B25324B79E4BDC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Frame ID: 4FDE309F1425E13AC63FBDE35C6F14D3
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Frame ID: FD3955C9FC0E951B07C62C9807CF9D3E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Frame ID: 1C14E742BED0D461E4EBB7D0BD370E8C
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: E698078A0815D745F50B86D1CA693D4E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/hcaptcha-invisible-7ac91c2f3a6e69fd9c26ca78f426df58.html
Frame ID: E418CB9FDFCBC30061E1A42B4C9A07D0
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Frame ID: 22694FA464F27531370C68362A6A7341
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Frame ID: 000B75386B8355F382C42BA199C7CD7E
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Frame ID: 0BFAA5095FC13D1F3044BF39A3DF4BC8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Commandez votre McFlash

Page URL History Show full URLs

  1. https://blog.well-being-review.com/mcflash-garantie HTTP 302
    https://blog.well-being-review.com/mcflash-paiement Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+data-react
Overall confidence: 100%
Detected patterns
  • js\.stripe\.com

Page Statistics

39
Requests

97 %
HTTPS

54 %
IPv6

6
Domains

13
Subdomains

12
IPs

3
Countries

3223 kB
Transfer

5647 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://blog.well-being-review.com/mcflash-garantie HTTP 302
    https://blog.well-being-review.com/mcflash-paiement Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 27
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&RedC=c.clarity.ms&MXFR=1AB161981682601C0DC2754212826E7E HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&MUID=33E9FD6C89866FCE22C6E9B6880D6E42

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mcflash-paiement
blog.well-being-review.com/
Redirect Chain
  • https://blog.well-being-review.com/mcflash-garantie
  • https://blog.well-being-review.com/mcflash-paiement
179 KB
32 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:d400:a:315a:e1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.24.0 /
Resource Hash
f4eb8cceaacd6b69b6c8a3853e38fe9ff50b32473d8e7ab0b9147be6b146368b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

cache-control
max-age=0, must-revalidate, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 18:46:05 GMT
expires
Tue, 13 Aug 2024 18:46:04 GMT
server
nginx/1.24.0
vary
Accept-Encoding
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-id
vq-nC7s1XLQ1QeC7vLRKUvaqErlh8tTicNu8bTqNHz6KS86OfiOgkQ==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0, must-revalidate, private
content-type
text/html; charset=UTF-8
date
Tue, 13 Aug 2024 18:46:04 GMT
expires
Tue, 13 Aug 2024 18:46:04 GMT
location
https://blog.well-being-review.com/mcflash-paiement
server
nginx/1.24.0
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
x-amz-cf-id
cIFsXDXQL8OPUAYSgY_Qe54Dor5U6YX0OQ4awm5lU5iyr7huGiR2CA==
x-amz-cf-pop
FRA56-P11
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-xss-protection
1; mode=block
all.min.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 		486 KB
80 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/all.min.css
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Thu, 23 May 2024 15:27:00 GMT
content-encoding
br
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
last-modified
Wed, 18 May 2022 12:25:57 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
7096746
etag
W/"325672b036bab9b57f6873aed5eccc43"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000,public
x-amz-cf-id
qnghxRrq9pt_lLJYEr7DT8y-BCcreMb2Rj-4YaXr9WlBmBq_xV3hyg==
runtime.6eff70f27189c49ac44b.js
d33vglzdi1uj1c.cloudfront.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d33vglzdi1uj1c.cloudfront.net/runtime.6eff70f27189c49ac44b.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:4600:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b01f49ecc52d59e55d0bc5c66b496a6373a6cfd88af9ad5ac4d2fcd3bb7fa95d

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 00:53:06 GMT
content-encoding
gzip
via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
64407
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:75cca7a8-6f5e-4599-94b6-8f4cedacfc70
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5e412645c8d4f1b3e45ae9e8e826bff4
last-modified
Fri, 09 Aug 2024 08:27:10 GMT
server
AmazonS3
etag
W/"189169619d13d1387dde766d3c6358ce"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
b68b985afccaab9d5fc8866c5df26a68c1d5ec009c9c09b9718f44fb44f24ddd
x-amz-cf-id
60HLFoCAKFBsn4JNOrc4f4ZeWKX9CfNj0Kj08NcmgoVdjgitUfBJFQ==
page.487f9fe1bd7ef5038c70.js
d33vglzdi1uj1c.cloudfront.net/ 		929 KB
143 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d33vglzdi1uj1c.cloudfront.net/page.487f9fe1bd7ef5038c70.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:4600:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
264fb420ec4e4f621f2d0cd3e56af73294b98cf09af30f1ce45e209509d52fcb

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 15:37:18 GMT
content-encoding
br
via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
11334
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:221e8cfa-1406-40e7-83f5-0394bcadd025
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5227ca387d53003cae8282820665682d
last-modified
Mon, 12 Aug 2024 15:30:02 GMT
server
AmazonS3
etag
W/"a5aa355e08c914a97b784f811b3446a0"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
035eb322a9f8eec8e3af62b95230836ba50a4c86c2977ddc90e0df676785456b
x-amz-cf-id
4KKdTst11MHnZU7uUo705MKDYIKOvLteIiR4izvDxam4q9nYc2uCEw==
vendors~page.7f9555d82d870c5c1b22.js
d33vglzdi1uj1c.cloudfront.net/ 		638 KB
190 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:4600:2:5a9d:3800:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d532d2a4579454cc7c7481e3510da3deb0cf6082f25de110a32c68a224c96aa5

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 02:00:52 GMT
content-encoding
gzip
via
1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
age
60367
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:308636154300:build/ProdPageEditorBuildPublisher:75cca7a8-6f5e-4599-94b6-8f4cedacfc70
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
5e412645c8d4f1b3e45ae9e8e826bff4
last-modified
Fri, 09 Aug 2024 08:27:09 GMT
server
AmazonS3
etag
W/"9dc2bbacc8f8838368096593524bf5b1"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
b68b985afccaab9d5fc8866c5df26a68c1d5ec009c9c09b9718f44fb44f24ddd
x-amz-cf-id
VXopoezoBW5MkvkJczcHhd6omQf2oowYVe_ynHrfJ2dnzGSXzWQN1A==
gtfat68cym
www.clarity.ms/tag/ 		638 B
1002 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/gtfat68cym
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
8faf598272b7483f79a8960e6aeffd747d5013f66d6792391e3cd11ff7a68e1f

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

request-context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
date
Tue, 13 Aug 2024 18:46:05 GMT
x-azure-ref
20240813T184605Z-179d6ccbd55xrtcnd8w0rcq4580000000awg00000001925k
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
638
expires
-1
obtp.js
amplify.outbrain.com/cp/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
478969b90650f491604fb1fb981d25f2350a42df053712227aafa86725538fc1

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 18:46:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 Jul 2024 07:46:01 GMT
Server
AkamaiNetStorage
ETag
"484f007d650a3fc9fe7590700b8bf590:1721634587.188058"
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8617
Expires
Tue, 13 Aug 2024 19:06:05 GMT
700.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/lato/700.woff2
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3000:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
60eecd68a7969e3c408c459cfe5190a95d800fcc52508630b44f7e9b6899c4a9

Request headers

Referer
https://blog.well-being-review.com/
Origin
https://blog.well-being-review.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 05:09:32 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
49011
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
26544
last-modified
Fri, 14 Apr 2023 06:24:08 GMT
server
AmazonS3
etag
"26929ed1cf1c4a2da9d6857efc027bfb"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
DO3x6rUN829z_4lPQL7KQ3DEl3umJkL9OLMUUNgIJ0y_UL_zA8e65g==
regular.woff2
d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3syewzhvzylbl.cloudfront.net/fonts/google-fonts/montserrat/regular.woff2
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3000:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf

Request headers

Referer
https://blog.well-being-review.com/
Origin
https://blog.well-being-review.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 05:59:09 GMT
via
1.1 83f46196ad7d99e4351e2a7adab8f174.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
46022
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
55160
last-modified
Fri, 14 Apr 2023 06:24:30 GMT
server
AmazonS3
etag
"39cdece7149132b8bce63dc6e5d36c9a"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
Yp8RbaJqu2B7PLFNhrYHFRetdJmIeYY_kA8mnv2ME9wd0A0TMelayg==
6661ad1a1592d_McFlashlogo.png
d1yei2z3i6k35z.cloudfront.net/1012525/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/6661ad1a1592d_McFlashlogo.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:200:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
14837b08cfa424aedde3c8184f334529e887dda56f00ff05e3fbad3b951a5319

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 17:52:11 GMT
via
1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
176034
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28602
last-modified
Thu, 06 Jun 2024 12:35:40 GMT
server
AmazonS3
etag
"7b433d6703d0c082d08cf76657c67e05"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
Z5yJYWf0ok_iiFjkjr8zmqh47H5kmSP3h5L1zL2gDe5H0orqteT8DQ==
6662e7410dd74_creaflash.png
d1yei2z3i6k35z.cloudfront.net/1012525/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/6662e7410dd74_creaflash.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:200:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7a507a61df26d42cb88ba1e90be5817ae26c670ec0f7234292ba391afaf5204

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 17:52:11 GMT
via
1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
176034
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2431822
last-modified
Fri, 07 Jun 2024 10:56:02 GMT
server
AmazonS3
etag
"9f7a1796d48ff0012084cba781015834"
vary
Origin
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
fSZ_NSVaubIZSDn42Gz12-tukx68XjKynfqdFYu_J-JAU8vIi_rG9g==
6068ba7cb11c8_badge_50off.png
d1yei2z3i6k35z.cloudfront.net/893893/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/893893/6068ba7cb11c8_badge_50off.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:200:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
26bbce462a88585993ead0f33bcbef4c421ade8c386ed1096dde646808eaec55

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:46:24 GMT
via
1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
last-modified
Sat, 03 Apr 2021 18:57:02 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
385182
etag
"51ea33b30dfa6938935ca12a7f2c53ec"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
2231
x-amz-cf-id
OtaiYZPOm3grhHIy2DOoaLG220cQJRiloJc5XIpmSmV0RxuAC_moRw==
6661a5a857607_McFlash4.jpeg
d1yei2z3i6k35z.cloudfront.net/1012525/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/1012525/6661a5a857607_McFlash4.jpeg
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:200:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
43915b8234467d8c9a60a5b2539f9992bb7a0e2961cbd268517198cbd5743ac5

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Sun, 11 Aug 2024 17:52:11 GMT
via
1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P3
age
176034
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
28699
last-modified
Thu, 06 Jun 2024 12:03:54 GMT
server
AmazonS3
etag
"134566a7991a7031293a34b8560ac2dd"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
x-amz-cf-id
Sdy9ztOZZ5D5Q784NmcKbYz8v8TycbT1Ti7nRfhkr4xVdj3uEBdoIA==
606ef86dc5a17_security-logos.png
d1yei2z3i6k35z.cloudfront.net/893893/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1yei2z3i6k35z.cloudfront.net/893893/606ef86dc5a17_security-logos.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:26db:200:f:a462:c1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f7143d34ebb2eaeda71b1957a9517b4a555f617b60bacb600aa63608e55d0176

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Fri, 09 Aug 2024 07:46:24 GMT
via
1.1 b36a9cc0b5286fd650732f1458855500.cloudfront.net (CloudFront)
last-modified
Thu, 08 Apr 2021 12:34:55 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P3
age
385182
etag
"f89a11d9f0a8f547176140fca32b0063"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
noindex
content-length
3532
x-amz-cf-id
t4qqvoH-ijtv7JBZ96BjoTZhfeErMdY9-aHpeKF28SsNPm0UsrIgXA==
v3
js.stripe.com/ 		635 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-32.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
171eb3576c18afe3e8e3ee6bfbf77285d3eba9d95ae7c032c3541d75d81c047f
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:45:59 GMT
content-encoding
br
via
1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
7
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 13 Aug 2024 17:53:35 GMT
server
Cloudfront
etag
W/"b5583b194888c6bd09cb7c8946199f77"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60
timing-allow-origin
*
x-amz-cf-id
oBmQz68LN0J0RWLTi1GgWi0D7JDy5VIDXHt8jz-OZ2fd60w-ICSAZA==
stripe.css
d3fit27i5nzkqh.cloudfront.net/assets/css/ 		543 B
920 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/css/stripe.css?ver=1.1
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
80f54a405b40ee0789932fc98411041698b271e21f11eb32d5bfb1338c51aac7

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:46:06 GMT
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
last-modified
Thu, 06 May 2021 13:20:24 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
etag
"3e3655182d228c28dc9bf0d4855508c9"
vary
Accept-Encoding, Origin
x-cache
RefreshHit from cloudfront
content-type
text/css
cache-control
no-store, max-age=0
accept-ranges
bytes
content-length
543
x-amz-cf-id
JowkjZeC69gQiX7RhqBpN-nOx-lS-deGNOzBN0PdA9_WGmNJ2uBNVA==
credit_cards.png
d3fit27i5nzkqh.cloudfront.net/assets/images/payment/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3fit27i5nzkqh.cloudfront.net/assets/images/payment/credit_cards.png
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2394:c00:1c:d937:ae40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc7931372af8604a96437bad96198101780fc547b3abc4926fa73261cba59fcd

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 23 Oct 2023 15:00:13 GMT
via
1.1 cf8597852fd073f5b8e6fed4908fe46e.cloudfront.net (CloudFront)
last-modified
Wed, 08 Dec 2021 12:39:52 GMT
server
AmazonS3
x-amz-cf-pop
AMS1-P2
age
25501553
etag
"f1c4d2eb4d0285d37aa387cf115e8f0e"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000,public
accept-ranges
bytes
content-length
15845
x-amz-cf-id
aGYvfAlWozdrEs9HzPExjAYKsaO5vf6Vy1pvDPEbdH4ZpCfhkOP3yw==
de.svg
d3syewzhvzylbl.cloudfront.net/images/flag-icons/ 		271 B
711 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d3syewzhvzylbl.cloudfront.net/images/flag-icons/de.svg
Requested by
Host: blog.well-being-review.com
URL: https://blog.well-being-review.com/mcflash-paiement
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3000:f:e793:dc40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 01:05:35 GMT
via
1.1 0341da327f4c4c49034aa07ebeeab1f0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
63631
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
271
last-modified
Thu, 28 Sep 2023 09:00:50 GMT
server
AmazonS3
etag
"939afd91bea7074f84f4a328ca095295"
access-control-max-age
31536000
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
vary
Accept-Encoding
accept-ranges
bytes
x-amz-cf-id
l3zq0DQx6_2e50lf_M5vlq8jNwnPyGV7istRXm5L4tUFLZCWQIjhmA==
unifiedPixel
tr.outbrain.com/ 		53 B
321 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/unifiedPixel?au=false&bust=02611344440051071&referrer=&marketerId=002b4684bb8a744fd1b2f74c7bc485188a&name=PAGE_VIEW&dl=https%3A%2F%2Fblog.well-being-review.com%2Fmcflash-paiement&g=0&obApiVersion=1.1&obtpVersion=2.0.5
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:46:05 GMT
cache-control
no-cache
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
05dd27cf9f34bc19e69378128a8a7d10
content-length
54
content-type
image/gif;
cachedClickId
tr.outbrain.com/ 		35 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=002b4684bb8a744fd1b2f74c7bc485188a
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:46:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-traceid
752a5441637ea1fd865472982e838d2f
content-length
39
content-type
application/javascript
002b4684bb8a744fd1b2f74c7bc485188a
wave.outbrain.com/mtWavesBundler/handler/ 		2 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://wave.outbrain.com/mtWavesBundler/handler/002b4684bb8a744fd1b2f74c7bc485188a
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Tue, 13 Aug 2024 18:46:05 GMT
ob-sent-time
1723555565266
ETag
W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary
Accept-Encoding
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=60
X-CC
DE
Connection
keep-alive
x-traceid
b184a0698f5fcbb87edeaeb8175a5a58
Content-Length
22
Expires
Tue, 13 Aug 2024 18:47:05 GMT
topics
amplify.outbrain.com/ 		26 B
301 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/topics
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.28.89.148 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-28-89-148.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Date
Tue, 13 Aug 2024 18:46:05 GMT
Observe-Browsing-Topics
?1
Content-Type
text/html
Access-Control-Allow-Origin
*
X-RG
EU
Cache-Control
max-age=1200
X-CC
DE
Connection
keep-alive
Content-Length
26
Expires
Tue, 13 Aug 2024 19:06:05 GMT
clarity.js
www.clarity.ms/s/0.7.41/ 		62 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.41/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/gtfat68cym
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:46:05 GMT
content-encoding
br
last-modified
Thu, 01 Aug 2024 19:54:07 GMT
etag
W/"0x8DCB263B4239D88"
vary
Accept-Encoding
x-azure-ref
20240813T184605Z-179d6ccbd55xrtcnd8w0rcq4580000000awg00000001926b
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
510baef2-d01e-0018-23b9-e8f1bc000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
controller-with-preconnect-3b732b72524bc44d6a92203c81329a67.html
js.stripe.com/v3/ Frame A931 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/controller-with-preconnect-3b732b72524bc44d6a92203c81329a67.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
36
alt-svc
h3=":443"; ma=86400
cache-control
max-age=60, stale-while-revalidate=900
content-length
651
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://stripe.com/cookie-settings/enforcement-mode https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:45:30 GMT
etag
"3b732b72524bc44d6a92203c81329a67"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-amz-cf-id
vRBMCWM6hodnAIqE_cMe627R0nkalyzgnAAWNvA6Dg44I5D6c5nhUw==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-ee523091417c631d601fb2f23b80de60.html
js.stripe.com/v3/ Frame 4FDE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1782
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:24 GMT
etag
W/"ee523091417c631d601fb2f23b80de60"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-amz-cf-id
4jb-71lQVvbt1Ktek5yaGbGMCKKBdv8VNAt9Jm715NmRcWA_v81_sg==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-ee523091417c631d601fb2f23b80de60.html
js.stripe.com/v3/ Frame FD39 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1782
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:24 GMT
etag
W/"ee523091417c631d601fb2f23b80de60"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-amz-cf-id
4jb-71lQVvbt1Ktek5yaGbGMCKKBdv8VNAt9Jm715NmRcWA_v81_sg==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-card-ee523091417c631d601fb2f23b80de60.html
js.stripe.com/v3/ Frame 1C14 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-card-ee523091417c631d601fb2f23b80de60.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1782
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:24 GMT
etag
W/"ee523091417c631d601fb2f23b80de60"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-amz-cf-id
4jb-71lQVvbt1Ktek5yaGbGMCKKBdv8VNAt9Jm715NmRcWA_v81_sg==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
i.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.well-being-review.com
Date
Tue, 13 Aug 2024 18:46:05 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&RedC=c.clarity.ms&MXFR=1AB161981682601C0DC2754212826E7E
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&MUID=33E9FD6C89866FCE22C6E9B6880D6E42
42 B
467 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&MUID=33E9FD6C89866FCE22C6E9B6880D6E42
Protocol
H2
Server
13.74.129.1 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Aug 2024 18:46:05 GMT
last-modified
Thu, 01 Aug 2024 17:45:27 GMT
server
Microsoft-IIS/10.0
etag
"43fd8f983ae4da1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2024 18:46:05 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 7295B66CF08E4827849832E5C92BBEFC Ref B: FRA31EDGE0617 Ref C: 2024-08-13T18:46:05Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=8A8FA7C5213E415987C2B2E2E0E1C4A5&MUID=33E9FD6C89866FCE22C6E9B6880D6E42
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
m-outer-3437aaddcdf6922d623e172c2d6f9278.html
js.stripe.com/v3/ Frame E698 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
1838
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-length
200
content-security-policy
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:15:28 GMT
etag
"3437aaddcdf6922d623e172c2d6f9278"
last-modified
Sat, 10 Aug 2024 19:01:47 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
kd4lRGCp7mtwYNUU1zAyYH83JSJ6EJqYJGF9TKGrOgIEE1kQEYNBzQ==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
614843ecc89ab_faviconrevue.png
blog.well-being-review.com/1219996/ 		6 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://blog.well-being-review.com/1219996/614843ecc89ab_faviconrevue.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:d400:a:315a:e1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2b6d03d5a66d298ebf02223ac8296ce952808cae7c2af992692101610b616ecd

Request headers

Referer
https://blog.well-being-review.com/mcflash-paiement
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 04:38:43 GMT
via
1.1 012ed5015dc2306833b5abb65b3a0378.cloudfront.net (CloudFront)
last-modified
Mon, 20 Sep 2021 08:18:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
age
50843
etag
"ca8d4ba893510ff15fb8a27b5b18f54e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
6164
x-amz-cf-id
FsopEGLijESmz6c-_Tu9vcMothRrGHdDgMeUmRUotD8-HxJk_GmUCg==
hcaptcha-invisible-7ac91c2f3a6e69fd9c26ca78f426df58.html
js.stripe.com/v3/ Frame E418 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/hcaptcha-invisible-7ac91c2f3a6e69fd9c26ca78f426df58.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-CgezpEkbzsYA/EF2MF0JxCU4q1uEP1Pjr6CoiEfgl40='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1787
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://errors.stripe.com https://r.stripe.com; default-src 'self'; form-action 'none'; frame-src 'self' https://b.stripecdn.com; img-src 'self' https://q.stripe.com; object-src 'none'; script-src 'self' 'sha256-CgezpEkbzsYA/EF2MF0JxCU4q1uEP1Pjr6CoiEfgl40='; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:20 GMT
etag
W/"6869feb3b050d4cb9879f9ce7cc1135f"
last-modified
Tue, 13 Aug 2024 17:11:22 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
NdtHHFEt2OMIJVlaXp5Vz-nHkow0F4G5jHS6RfvjqQDP4YYa2cDlng==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
js.stripe.com/v3/fingerprinted/js/ 		148 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-5113174565c377315fd5b8d695d8b541.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.150.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-32.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:08:43 GMT
content-encoding
gzip
via
1.1 7115bbde016dc7107bc64db76ba40c56.cloudfront.net (CloudFront)
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-content-type-options
nosniff
age
2243
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 07 Aug 2024 20:00:57 GMT
server
Cloudfront
etag
W/"f7a3e754fa2fa9117506f69f618b5778"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
timing-allow-origin
*
x-amz-cf-id
IiYYUkQ9p-MM21nK47_4EMW1K2brN-PVwpAWybJH94MzoHsCub6yfg==
elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
js.stripe.com/v3/ Frame 2269 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1774
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:56 GMT
etag
W/"84f68f6fd13a6ab277f8d13774a00bdc"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
strict-transport-security
max-age=31556926; includeSubDomains; preload
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
ZHhiOB-DpRfSQztXijfkz4nauo7mTXPZx77ZU1kW8SN7cIKq6E7xgA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
js.stripe.com/v3/ Frame 000B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1774
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:56 GMT
etag
W/"84f68f6fd13a6ab277f8d13774a00bdc"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
ZHhiOB-DpRfSQztXijfkz4nauo7mTXPZx77ZU1kW8SN7cIKq6E7xgA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
js.stripe.com/v3/ Frame 0BFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/elements-inner-link-button-for-card-84f68f6fd13a6ab277f8d13774a00bdc.html
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-64.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
Security Headers
Name Value
Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
age
1774
alt-svc
h3=":443"; ma=86400
cache-control
max-age=31536000
content-encoding
br
content-security-policy
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only
base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://ppm.stripe.com; default-src 'self'; font-src data: https:; form-action 'none'; frame-src 'self' https://www.affirm.com https://checkout.link.com https://b.stripecdn.com; img-src 'self' https://q.stripe.com https://b.stripecdn.com https://js.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type
text/html; charset=utf-8
date
Tue, 13 Aug 2024 18:16:56 GMT
etag
W/"84f68f6fd13a6ab277f8d13774a00bdc"
last-modified
Tue, 13 Aug 2024 17:11:06 GMT
origin-agent-cluster
?1
server
Cloudfront
timing-allow-origin
*
vary
Accept-Encoding
via
1.1 12dba18ae3d66aa7dad74e664431ae9a.cloudfront.net (CloudFront)
x-amz-cf-id
ZHhiOB-DpRfSQztXijfkz4nauo7mTXPZx77ZU1kW8SN7cIKq6E7xgA==
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
x-content-type-options
nosniff
collect
i.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.well-being-review.com
Date
Tue, 13 Aug 2024 18:46:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
collect
i.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clarity.ms/collect
Requested by
Host: d33vglzdi1uj1c.cloudfront.net
URL: https://d33vglzdi1uj1c.cloudfront.net/vendors~page.7f9555d82d870c5c1b22.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
4.153.72.49 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://blog.well-being-review.com
Date
Tue, 13 Aug 2024 18:46:08 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
js.stripe.com/v3/fingerprinted/js/ 		176 B
546 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-efd8cf45ce422659c098993bfc62531b.js
Requested by
Host: js.stripe.com
URL: https://js.stripe.com/v3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-32.fra60.r.cloudfront.net
Software
Cloudfront /
Resource Hash
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
Security Headers
Name Value
Strict-Transport-Security max-age=31556926; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.well-being-review.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 18:15:24 GMT
via
1.1 88fd4dc311317996718ed4ed98e5cbda.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31556926; includeSubDomains; preload
x-amz-cf-pop
FRA60-P7
age
1847
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
176
last-modified
Sat, 10 Aug 2024 19:01:46 GMT
server
Cloudfront
etag
"96f5b26d366f47393b3ff36fe7471474"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
Sz55HD4QZhQd4YNxIJzrDkg9hUZOr6ZgqOuT7_lFmFGEBb9hKedcwQ==

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 function| clarity function| obApi object| initialI18nStore string| initialLanguage string| email_input_id string| sms_input_id object| tags object| now function| print_infos function| email_only function| sms_only function| sms_mail function| send_data function| send_tracking string| omnisend_API string| track_API object| webpackChunkeditor number| _rollbarStartTime function| rollbar boolean| _rollbarDidLoad object| scCGSHMRCache object| regeneratorRuntime function| apiObj object| webpackChunkStripeJSouter function| noop function| Stripe

16 Cookies

Domain/Path Name / Value
blog.well-being-review.com/ Name: purchase_process_id_4094458
Value: a1f6ac7d931d8e44
blog.well-being-review.com/ Name: v
Value: 01J56GZHCWWS9KS4MXYSZEY3M1
www.clarity.ms/ Name: CLID
Value: 0325caf84612480c9b4b5bc3d3377090.20240813.20250813
blog.well-being-review.com/ Name: dicbo_id
Value: %7B%22dicbo_fetch%22%3A1723574765718%7D
.bing.com/ Name: MUID
Value: 33E9FD6C89866FCE22C6E9B6880D6E42
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 33E9FD6C89866FCE22C6E9B6880D6E42
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 33E9FD6C89866FCE22C6E9B6880D6E42
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
api2.hcaptcha.com/ Name: __cflb
Value: 0H28vk2VKwPbLoawFj9mU2fhedYxxWRD5DgR7ejJ7ZF
m.stripe.com/ Name: m
Value: 8ee5fe5d-d093-4041-a4dd-bcc37f3b6149df26e9
.blog.well-being-review.com/ Name: __stripe_mid
Value: d2ff78b4-8064-4e6b-9b85-a858eb869cf3e1c0b4
.blog.well-being-review.com/ Name: __stripe_sid
Value: 4503e527-107d-4b5b-a24a-2bd63cdbcc23830fc1
api.hcaptcha.com/ Name: hmt_id
Value: 223a8814-449c-4cea-8a61-be4af2562ef4

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
blog.well-being-review.com
c.bing.com
c.clarity.ms
d1yei2z3i6k35z.cloudfront.net
d33vglzdi1uj1c.cloudfront.net
d3fit27i5nzkqh.cloudfront.net
d3syewzhvzylbl.cloudfront.net
i.clarity.ms
js.stripe.com
tr.outbrain.com
wave.outbrain.com
www.clarity.ms
13.74.129.1
184.28.89.148
2600:9000:2104:4600:2:5a9d:3800:21
2600:9000:223f:3000:f:e793:dc40:21
2600:9000:2394:c00:1c:d937:ae40:93a1
2600:9000:26db:200:f:a462:c1c0:93a1
2600:9000:275d:d400:a:315a:e1c0:93a1
2620:1ec:bdf::44
2620:1ec:c11::237
3.160.150.32
3.160.150.64
4.153.72.49
64.202.112.95
07b6b3d899dd69c0e9eb463e23e10e30e82588eddf95d15d45bb505c6703a813
14837b08cfa424aedde3c8184f334529e887dda56f00ff05e3fbad3b951a5319
171eb3576c18afe3e8e3ee6bfbf77285d3eba9d95ae7c032c3541d75d81c047f
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
264fb420ec4e4f621f2d0cd3e56af73294b98cf09af30f1ce45e209509d52fcb
26bbce462a88585993ead0f33bcbef4c421ade8c386ed1096dde646808eaec55
2b6d03d5a66d298ebf02223ac8296ce952808cae7c2af992692101610b616ecd
43915b8234467d8c9a60a5b2539f9992bb7a0e2961cbd268517198cbd5743ac5
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
478969b90650f491604fb1fb981d25f2350a42df053712227aafa86725538fc1
60eecd68a7969e3c408c459cfe5190a95d800fcc52508630b44f7e9b6899c4a9
621661fe1c7a59420c624f7a421c566ebfb38cfbc7edd98ee0462c44d15971f9
63bb2e926bb71d9af20024a237718b3cbd8bcb03af6fe3510132024571005f69
6c55359c2badcb06edc896bccd3618919ec54035299f1f5db5c6cafd5e8933cf
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
80f54a405b40ee0789932fc98411041698b271e21f11eb32d5bfb1338c51aac7
8e3c8f938c6fc4fc97c81f398a71d0d789b44b6be458469d7056372a2c05837a
8faf598272b7483f79a8960e6aeffd747d5013f66d6792391e3cd11ff7a68e1f
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
a35f901d01118e5649091bd03ac5784a7db52e111fb3806524c412f3d1dcfc5d
b01f49ecc52d59e55d0bc5c66b496a6373a6cfd88af9ad5ac4d2fcd3bb7fa95d
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b7a507a61df26d42cb88ba1e90be5817ae26c670ec0f7234292ba391afaf5204
d532d2a4579454cc7c7481e3510da3deb0cf6082f25de110a32c68a224c96aa5
dc7931372af8604a96437bad96198101780fc547b3abc4926fa73261cba59fcd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4eb8cceaacd6b69b6c8a3853e38fe9ff50b32473d8e7ab0b9147be6b146368b
f7143d34ebb2eaeda71b1957a9517b4a555f617b60bacb600aa63608e55d0176