bewellportal.com Open in urlscan Pro
2606:4700:3033::ac43:83f1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bewellportal.com/
Submission: On February 16 via manual (February 16th 2021, 4:57:30 pm UTC) from US

Summary HTTP 95 Redirects Behaviour Indicators

Summary

This website contacted 19 IPs in 2 countries across 16 domains to perform 95 HTTP transactions. The main IP is 2606:4700:3033::ac43:83f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is bewellportal.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 13th 2020. Valid for: a year.

This is the only time bewellportal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:303... 2606:4700:3033::ac43:83f1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2600:9000:20e... 2600:9000:20e8:e000:2:6f7a:6f00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:a823	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
21	89.187.169.26 89.187.169.26	60068 (CDN77 (^_^)/) (CDN77 (^_^)/)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
5	52.34.133.113 52.34.133.113	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
95	19

12 2606:4700:3033::ac43:83f1 (United States)

ASN13335 (CLOUDFLARENET, US)

bewellportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2600:9000:20e8:e000:2:6f7a:6f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

mleuj6y28mxj.i.optimole.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a823 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 89.187.169.26 (Frankfurt am Main, Germany)

ASN60068 (CDN77 (^_^)/, GB)
PTR: unn-89-187-169-26.cdn77.com

load.sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.34.133.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-34-133-113.us-west-2.compute.amazonaws.com

sumo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

clients6.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	sumo.com load.sumo.com sumo.com	712 KB
15	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	276 KB
12	bewellportal.com bewellportal.com	157 KB
11	optimole.com mleuj6y28mxj.i.optimole.com	392 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	91 KB
5	googleapis.com ajax.googleapis.com fonts.googleapis.com	66 KB
4	doubleclick.net googleads.g.doubleclick.net	28 KB
3	googletagmanager.com www.googletagmanager.com	30 KB
2	facebook.com graph.facebook.com api.facebook.com	1 KB
2	googletagservices.com www.googletagservices.com	60 KB
2	google.com adservice.google.com clients6.google.com	169 B
2	google-analytics.com www.google-analytics.com	19 KB
1	google.de adservice.google.de	169 B
1	googleadservices.com partner.googleadservices.com	412 B
1	cloudflare.com ajax.cloudflare.com	4 KB
0	thelyra.pro Failed thelyra.pro Failed
95	16

	Domain	Requested by
21	load.sumo.com	bewellportal.com load.sumo.com
12	bewellportal.com	bewellportal.com ajax.cloudflare.com
11	mleuj6y28mxj.i.optimole.com	bewellportal.com
8	pagead2.googlesyndication.com	ajax.cloudflare.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	sumo.com	load.sumo.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	bewellportal.com fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net bewellportal.com
3	www.googletagmanager.com	bewellportal.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	ajax.googleapis.com	ajax.cloudflare.com
1	api.facebook.com	load.sumo.com
1	graph.facebook.com	load.sumo.com
1	clients6.google.com	load.sumo.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.cloudflare.com	bewellportal.com
0	thelyra.pro Failed	ajax.cloudflare.com
95	22

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-13` - `2021-07-13`	a year	crt.sh
*.i.optimole.com Amazon	`2020-06-10` - `2021-07-10`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.sumo.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://bewellportal.com/
Frame ID: 0FA138F7089202D6DF4C63E27B32DA4D
Requests: 79 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 37FA74B9EB2BD64371F55171ED8706E9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&adk=318159125&adf=2184669829&lmt=1610663858&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbewellportal.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613494628440&bpp=14&bdt=1327&idt=127&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=154159558623&frm=20&pv=2&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=150
Frame ID: 3806C74E5B65CA91FC6FB4E60A4DD1AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
Frame ID: 35FF2AB9E235590C7A9FE6A319680801
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C340BA5142D85BF691F889591BFEE971
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js
Frame ID: D621E95787F89DE9A47682DDC2B551DA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

95
Requests

97 %
HTTPS

83 %
IPv6

16
Domains

22
Subdomains

19
IPs

2
Countries

1836 kB
Transfer

6170 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

95 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bewellportal.com/ 38 KB
9 KB 468ms
422ms Document
text/html 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99483f1afa0e167d187258f6fe14212ee8ec0daa95a6ad0723fe9268885bb69a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

:method: GET
:authority: bewellportal.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:07 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d286300f05ef91b0c42041da52ab5d99e1613494626; expires=Thu, 18-Mar-21 16:57:06 GMT; path=/; domain=.bewellportal.com; HttpOnly; SameSite=Lax; Secure
last-modified: Thu, 14 Jan 2021 22:37:38 GMT
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Mon, 29 Oct 1923 20:30:00 GMT
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
cf-request-id: 084d5f4182000005b782203000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JJAatOuqmd3b8GYzUG4h%2BW3jCPyHvJU96gXR%2FmgaQntE4lmiQk0Vq9Vl1QYDobtEH5MyZXlwwj8JmmmUBHcf6TdjckFLxFKEC2ppYxYrnunyLSo%2B9raxgHQy6zxZ"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6228ce48c88105b7-FRA
content-encoding: br

GET
H2 200 1610663849-a9237ca79c77db7631bfbbe4042926ae05d9e814.min.css
bewellportal.com/wp-content/cache/fvm/min/bewellportal.com/ 168 KB
30 KB 562ms
561ms Stylesheet
text/css 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/cache/fvm/min/bewellportal.com/1610663849-a9237ca79c77db7631bfbbe4042926ae05d9e814.min.css

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5039e92d3fdaff3eb6d359a88fc73b73fa771471660453c43b34caea97e7e0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f432e000005b7a8bc1000000001
last-modified: Thu, 14 Jan 2021 22:37:37 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lsa343ur%2F9rrvRGjpdk1Hzx0qD0Ywr6JboZBG6fptNIQOjcZWNdX3oSXPtnj1ANoeP%2BJBLIhzgCgMbNhOPxJg8Ug6n%2FlKC5aelN7S3J94gMzgIQeRHE7U22z0f%2Fb"}],"max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4b7d6d05b7-FRA
expires: max-age=2592000, public

GET
H2 200 c0omk.css
bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/ 167 KB
29 KB 566ms
566ms Stylesheet
text/css 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ec33e2c852ec1b5cc4f725c16315527d5c678933638abf66070af946e68ee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f432e000005b75d05b000000001
last-modified: Thu, 14 Jan 2021 22:37:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LcSyIjxxgFeRZDPzd%2FTqAtc9%2BVMIdiAqLiULCI06m8TP8NdPn1kJQp57RZVp51UFmXs%2BsLOm%2Fl%2FMnMDPBrWnkMXjZhTAMFxEHiWVpdLjl9nTOzFJD9egcKmBPFYy"}],"max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4b7d6e05b7-FRA
expires: max-age=2592000, public

GET
H2 200 bewellportallogo1-e1416866217394.png
mleuj6y28mxj.i.optimole.com/4ghxFHM-3_zDiBD4/w:auto/h:auto/q:auto/https://bewellportal.com/wp-content/uploads/2014/11/ 4 KB
5 KB 181ms
124ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-3_zDiBD4/w:auto/h:auto/q:auto/https://bewellportal.com/wp-content/uploads/2014/11/bewellportallogo1-e1416866217394.png
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 2d9e8d54f0e07094b74493a29314e272f6781121226ef08859643481c4c7396d

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 20265
content-disposition: inline; filename="bewellportallogo1-e1416866217394.webp"
exec-time: 69.390361ms
content-length: 4530
x-request-id: Z9pCt-JfqjeaS0pyB3-17
server: Optimole
etag: ab9280bed00960dfe98b4598ccd632251cd24b8687c0fecf7f2b1ba413ed6b51
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: dUD5tzIBAjl_JBHBkS9Vs-WEBgwOkU1fVSjfHgO8ln1oKNeeI7X1gQ==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 glass-55e1d14242_640.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-rgjLTcPZ/w:640/h:247/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/09/ 20 KB
21 KB 208ms
151ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-rgjLTcPZ/w:640/h:247/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/09/glass-55e1d14242_640.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 349ea5792405e6fc19dc7b6bf72022b66ad18b454882fe5a94d3094a8fa3dcb4

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 57053
content-disposition: inline; filename="glass-55e1d14242_640.webp"
exec-time: 74.927181ms
content-length: 20708
x-request-id: SKV58w99nYIQ3zX56vh1G
server: Optimole
etag: 04ddd553d69955ea386bf2fb0240295a097f9f422492a781e306953d0632c575
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: UCT5ozMvXZ1I4JkJBswmfBzY6NPbOoqKIVpwsHfK3AFak5Drlvlntw==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 acerola-immune-defence.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-tqxa_gT-/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/03/ 30 KB
30 KB 176ms
120ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-tqxa_gT-/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/03/acerola-immune-defence.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: a8a3588f5c8cbecb2732a797ee4debe9714f5265306c03422d2dcb30bef07361

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 144650
content-disposition: inline; filename="acerola-immune-defence.webp"
exec-time: 259.18573ms
content-length: 30502
x-request-id: I0Nnz6l3xbnwnCHFUXEDL
server: Optimole
etag: c60ca13ad51c1d516b2ea33fdf50d8573b89825eb757d5f6c5d0c35259580e3a
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: ESH8x6TpJp_bQKcNvZ_jmvEyG75QEVrsgdYISSoINg9E0jDZMEiFDg==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 natural-remedies.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-qKaGu6qE/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/03/ 31 KB
31 KB 199ms
143ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-qKaGu6qE/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2020/03/natural-remedies.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 5bd112342d6dc324f5ff13efef3891841483b2a84e11003e4f1a177f2d12b79d

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 138821
content-disposition: inline; filename="natural-remedies.webp"
exec-time: 210.555788ms
content-length: 31398
x-request-id: PL1ve6AIOaO76AoXYEY-1
server: Optimole
etag: 4db058dbcce38ba009366034739dd81c4852a8d584cd5f006d1eb9d0b6eccbdc
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: X3vYwWBWLZTX1pZGL-I2sseitfZSmEMdyHxtL3dkpcoL1zN4Rz38uw==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 htmlIMG_5d4152d3bbed8.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-VcHYYXAf/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/07/ 14 KB
15 KB 197ms
141ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-VcHYYXAf/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/07/htmlIMG_5d4152d3bbed8.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 9db7fbd2839014c3ace3169bd05461e5cfb9b464157df3e87d10b5cfd51336f2

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 46436
content-disposition: inline; filename="htmlIMG_5d4152d3bbed8.webp"
exec-time: 334.843435ms
content-length: 14528
x-request-id: __4GDP9bRXsUNu3SDKAhE
server: Optimole
etag: 35abb54de382dfbff7918af0b87ff88c29f9582939ab2dc6ea7bbd6e4828df99
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: a4Wec1duvxYDJYMbFzqprqQYczWaT98pKEElz7ujI1bu3tkNHOFe4g==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 htmlIMG_5d403306dd23e.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-6wfgo3NT/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/07/ 26 KB
27 KB 187ms
132ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-6wfgo3NT/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/07/htmlIMG_5d403306dd23e.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 13368f7efb0bd242e1624cbcc4fec9e6c8c065d3e88d74f19b7d57653edf0a4f

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 69877
content-disposition: inline; filename="htmlIMG_5d403306dd23e.webp"
exec-time: 118.138378ms
content-length: 26786
x-request-id: ndVsVIgTpbelayVeQ0cRJ
server: Optimole
etag: 0777fe0d2bfe4281d2cbaf02c8e633c772f2e36f1c4d40e13579a2711c40ea32
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: AI9EmDgZtpZM8kH2jq100B1saQdKCD6Ccc99X2BnS2_Pv3M-TF5lKw==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 e830b20e28f1083ecd0b4401ef444f94eb6ae3d01db9164492f5c57a_640.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-k-jojcNQ/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/01/ 20 KB
21 KB 122ms
120ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-k-jojcNQ/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/01/e830b20e28f1083ecd0b4401ef444f94eb6ae3d01db9164492f5c57a_640.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 2345ee980d7f5ec30717c0ec0bbeb51574f1c824ed269b28932d352aceec52bf

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:13:34 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 1907013
x-cache: Hit from cloudfront
content-ex-length: 66851
content-disposition: inline; filename="e830b20e28f1083ecd0b4401ef444f94eb6ae3d01db9164492f5c57a_640.webp"
exec-time: 89.028377ms
content-length: 20950
x-request-id: pw6d58U-fmNDuFr6XvdiH
server: Optimole
etag: fd922385672b80ed2c70d6ef3537a52152143f82f21ff04f718fdd031ba03a2d
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: tcd2xddx_Gn1rURgQ_kpPpz5foQ1xvPpNU5pkCyXctkmlES8NDr3wA==
expires: Tue, 25 Jan 2022 15:13:34 GMT

GET
H2 200 e831b80a2bf2093ecd0b4401ef444f94eb6ae3d01db9124490f5c67e_640.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-vKGURE-A/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/01/ 22 KB
23 KB 123ms
122ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-vKGURE-A/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2019/01/e831b80a2bf2093ecd0b4401ef444f94eb6ae3d01db9124490f5c67e_640.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 56d84df202836f2d35697acefeee9d46522692cc425eecadddc672a3958d36b7

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 10:22:42 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 628465
x-cache: Hit from cloudfront
content-ex-length: 81653
content-disposition: inline; filename="e831b80a2bf2093ecd0b4401ef444f94eb6ae3d01db9124490f5c67e_640.webp"
exec-time: 106.288993ms
content-length: 23006
x-request-id: 2PMsqkc-oALWoabsuLCwb
server: Optimole
etag: ffbe047b269fec3d585fdc226ab40d564d3d3e80ba90edf5a0da536d984a7a18
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: vowDO_Ne2sv8bHdgPfrzatj9E56c5YiuCIfRv-JALbJ--6DqahxKjQ==
expires: Wed, 09 Feb 2022 10:22:42 GMT

GET
H2 200 red6-e1511937430374.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-BQB39O3B/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2018/10/ 19 KB
19 KB 124ms
123ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-BQB39O3B/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2018/10/red6-e1511937430374.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: d8f1f9fe4aeef4aa6a0e7849644debd5d3d9ad3edc6d6756f1e02baf578e7b94

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 65155
content-disposition: inline; filename="red6-e1511937430374.webp"
exec-time: 67.891726ms
content-length: 19406
x-request-id: dL9ueEX_t93KkhlLi7CVL
server: Optimole
etag: b02263e6f5e16783b0cb6ddba226d2b62aab5e08e4dde4da4493d2fd00cebb53
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: b_YytBcde6U-1QawlgTD18bAKmfeSausaFsTyclDluqAU7xh5LQ6Dw==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET
H2 200 sugar-skulls-3723429_1280.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-7msT6Rsr/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2018/10/ 24 KB
24 KB 130ms
128ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-7msT6Rsr/w:370/h:297/q:auto/rt:fill/g:ce/https://bewellportal.com/wp-content/uploads/2018/10/sugar-skulls-3723429_1280.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 4dd097b06bb65ed08b9d5f7e8d3430d959c6ea18ab0dc895265c9595a91d6476

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 20:41:55 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 72912
x-cache: Hit from cloudfront
content-ex-length: 99129
content-disposition: inline; filename="sugar-skulls-3723429_1280.webp"
exec-time: 215.688952ms
content-length: 24342
x-request-id: UlORMCmgWUyBVWwGbsM5K
server: Optimole
etag: 026491039bbb19f75cbbbe054863cbf140d4e93f6a160fd6b849e63663a6efe7
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: gdhUqwpRXUsyPSn9tTXP7A0aD0FOi97yGYDaLD6rCDt49GCB-Il5tQ==
expires: Tue, 15 Feb 2022 20:41:55 GMT

GET wpy-style.css
bewellportal.com/wp-content/plugins/wpyoutube/ 0
0

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
4 KB 13ms
10ms Script
application/javascript 2606:4700::6810:a823
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a823 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 084d5f43380000177a3585b000000001
last-modified: Tue, 09 Feb 2021 14:27:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60229bea-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SwmkAtmodTryag4sNqQbg5cccuWr%2F4L6giNL8W%2F4j%2BE9WUjSPkmBHvVm6D%2BL26rkWhX1XMsDs0cuT9vps1fbhiWXBXm3kgVTvSVA0o%2BfgHo%2FE10W8TFSsCP2TkIP7Per"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 6228ce4b8e2f177a-FRA
expires: Thu, 18 Feb 2021 16:57:07 GMT

GET
H2 200 wp-embed.min.js Show response
bewellportal.com/wp-includes/js/ 1 KB
991 B 451ms
449ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-includes/js/wp-embed.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4574000005b7b206b000000001
last-modified: Thu, 04 Feb 2021 06:45:34 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nd6viS8e0JEjarIw1banK8rA%2B%2BjZWUR9Ny0lldmN4INxKEkFLrHXVnO7w8xasyqteeS%2BVcGVpRcUpcBx3GBojRcLEwsKZxe2s6y6RM%2FEtUZRdBUBwNFkZCRdZNdP"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dc405b7-FRA
expires: max-age=2592000, public

GET
H2 200 analyticsjs.js Show response
bewellportal.com/wp-content/plugins/reduce-bounce-rate/js/ 2 KB
1 KB 445ms
442ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/plugins/reduce-bounce-rate/js/analyticsjs.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6afa1887c4a43dc98bc31212f61480320973a2d89b7defb0c6c5988797b9fc1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4575000005b77a2f0000000001
last-modified: Wed, 08 Feb 2017 07:14:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7K8B5C%2FfYHx1zdIWr6Yq%2FKSyyDj3ScEYPyu2hlJZ5N1%2BZJtRMUpIzcmgFUidG9v62s7QApW8ljALudebu0W4Kl6ONQkSXlh9SYl72rzDgk1fjMGYHRIZnoYCFgLV"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dc805b7-FRA
expires: max-age=2592000, public

GET
H2 200 sticky.js Show response
bewellportal.com/wp-content/themes/mts_sociallyviral/js/ 1 KB
638 B 429ms
426ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/themes/mts_sociallyviral/js/sticky.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

511d34070dd9f73acd9db42d6aa7d24613c8efb166ee93205b9b5b5a0a61f5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4575000005b75d08f000000001
last-modified: Thu, 14 Jan 2021 18:47:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=jFx3fl%2FvaQBIdiYWN8DJH1gSIYzSxQ4O%2BHA6RaV9HJ9cW1Fvhm8SfcHprgvKxzJAAoUM5NDwx07Khtz%2Bc2L%2FLfZpae54sd50TKsYhvF%2Fr4g54S2eKOrOOGRxq19g"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dcc05b7-FRA
expires: max-age=2592000, public

GET
H2 200 customscript.js Show response
bewellportal.com/wp-content/themes/mts_sociallyviral/js/ 7 KB
2 KB 428ms
425ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/themes/mts_sociallyviral/js/customscript.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02ce424b3b342c6212335480b48f2f9c7cac4826573df2f0150ef21b4411aa90

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4575000005b77aa50000000001
last-modified: Thu, 14 Jan 2021 18:47:43 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tOy5q2%2FRBivHkwkCAecZPW7vGpxv9HFdYFHdysYYYQLr65PWZ4yodUIU21ziPh6eZj8%2Bk1v%2FIZYvzJxIMsviykdfB0%2FLl0gVlV4JhlLDg5X%2Fp1atzzVtb8WF0MVO"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dcd05b7-FRA
expires: max-age=2592000, public

GET
H2 200 uk-cookie-consent-js.js Show response
bewellportal.com/wp-content/plugins/uk-cookie-consent/assets/js/ 2 KB
870 B 446ms
443ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/plugins/uk-cookie-consent/assets/js/uk-cookie-consent-js.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4577000005b7b48e8000000001
last-modified: Thu, 05 Jan 2017 23:41:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YepyOzX%2B3MxMYDgDpJCLHRsZGLxWpGGnTFgqL5ISTOvd2TLq6tNMDpaYjT9PTIhUAxELJ18n8H7pQcz0ogsqLygMN%2FBWsbY0Aw3wIrJClliA00Xc5vElpvIovM8v"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dcf05b7-FRA
expires: max-age=2592000, public

GET
H2 404 jquery.bpopup.min.js
bewellportal.com/wp-content/plugins/wpyoutube/ 0
0 438ms
435ms Script
text/html 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/plugins/wpyoutube/jquery.bpopup.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.34

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: PHP/7.2.34
x-litespeed-cache: hit
cf-request-id: 084d5f4575000005b76f93c000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=azXfzVhP31I8EjkpxnMPhuN1UMY4an41V8o35s8akQcybrIjGmSE%2FN2ZxExRy5mppxN9jfy7fz9sT%2FVdR8FUlG7OA4OrCthmYotmKaHI8MlY1y%2BUDIK%2BlxaSZW3w"}],"max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=2678400, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dd005b7-FRA
link: <https://bewellportal.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 56ms
36ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48421
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Feb 2021 16:57:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ 86 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 08:21:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30961
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 08:21:06 GMT

GET analytics.js
thelyra.pro/a/ 0
0

GET
H2 200 c0omk.js Show response
bewellportal.com/wp-content/cache/wpfc-minified/6y26gs0y/ 33 KB
8 KB 444ms
442ms Script
application/javascript 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/cache/wpfc-minified/6y26gs0y/c0omk.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ebcf8ea83fb75a21485aaf2415ad54a605d11a1213a8c8d7d2e820ea5d3a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
cf-request-id: 084d5f4576000005b7a8bf7000000001
last-modified: Thu, 14 Jan 2021 22:37:38 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qLaK0HsisFimEUB4N%2BoRrQyadRHcha6x1nzkNP4v7FzYKf0JoJaGbF7GB%2BhwDp6Ix0jt4ks%2BtnOKTc3k%2FOYcmjUaYXjVOPfzbKOUNsH9NekpFAujo5wkssgMfQxZ"}],"max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce4f2dd205b7-FRA
expires: max-age=2592000, public

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 91 KB
32 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 14:47:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7795
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32954
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Feb 2022 14:47:12 GMT

GET
H2 200 strawberry-675744.jpg
mleuj6y28mxj.i.optimole.com/4ghxFHM-eWhsAnSw/w:auto/h:auto/q:auto/https://bewellportal.com/wp-content/uploads/2015/06/ 174 KB
175 KB 122ms
122ms Image
image/webp 2600:9000:20e8:e000:2:6f7a:6f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mleuj6y28mxj.i.optimole.com/4ghxFHM-eWhsAnSw/w:auto/h:auto/q:auto/https://bewellportal.com/wp-content/uploads/2015/06/strawberry-675744.jpg
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:e000:2:6f7a:6f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Optimole /
Resource Hash: 6439a37a81613ad0939e8e4d68a0c206fe60b94ca7192903ad6060113a4a270b

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 15:13:50 GMT
via: 1.1 969e7c67b62bdfae78f727a06e4512c3.cloudfront.net (CloudFront)
age: 1906997
x-cache: Hit from cloudfront
content-ex-length: 274070
content-disposition: inline; filename="strawberry-675744.webp"
exec-time: 458.761079ms
content-length: 178412
x-request-id: B9NMf8YcgjFx6EBwLbvs_
server: Optimole
etag: 1420ef8bda6ffdfcfefe91c62088989fa73e3e869f9b35422d1d817c9520b5d4
vary: Accept
access-control-allow-methods: GET, OPTIONS
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
x-amz-cf-pop: TXL52-C1
x-amz-cf-id: ef3rjfoTvBt0byS5ljQIRnhJzCbGgG1adMyebvrHYCpo1d5M_ajHog==
expires: Tue, 25 Jan 2022 15:13:50 GMT

GET
H2 200 va9E4kDNxMZdWfMOD5Vvl4jN.woff
fonts.gstatic.com/s/firasans/v10/ 25 KB
25 KB 8ms
5ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9E4kDNxMZdWfMOD5Vvl4jN.woff

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

456f03a7c91f99b158fab0ff26f31344c17cba14f67b6d0dc3267a867e1f9679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bewellportal.com
Referer: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:29 GMT
server: sffe
age: 390679
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25888
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:48 GMT

GET
H2 200 fontawesome-webfont.woff2
bewellportal.com/wp-content/themes/mts_sociallyviral/fonts/ 75 KB
76 KB 702ms
700ms Font
font/woff2 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/themes/mts_sociallyviral/fonts/fontawesome-webfont.woff2

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://bewellportal.com
Referer: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
content-length: 77160
cf-request-id: 084d5f457b000005b760060000000001
last-modified: Thu, 14 Jan 2021 18:47:43 GMT
server: cloudflare
etag: "12d68-600091cf-693c607605f1df48;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8hJO58BjIWtpur217%2FD8O6%2FgtKa1Cp6o2e0g1z5bB%2BBRs9p0CH198wSMVd0orql4kFPNDIjmi5Hye6JyCsFFBbZyP1w6bQH0VxE8bGtnYnDlx6Yp7F5RqCbOa8p2"}],"max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6228ce4f2de405b7-FRA

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf8.woff
fonts.gstatic.com/s/firasans/v10/ 25 KB
25 KB 9ms
7ms Font
font/woff 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v10/va9B4kDNxMZdWfMOD5VnZKveRhf8.woff

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

436a467c6683d94cb046c6ab32c525bdb306d7701a6781735f389b14ba49de39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bewellportal.com
Referer: https://bewellportal.com/wp-content/cache/wpfc-minified/9m12zhu7/c0omk.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:25:59 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Jul 2019 19:21:14 GMT
server: sffe
age: 390668
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25876
x-xss-protection: 0
expires: Sat, 12 Feb 2022 04:25:59 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/ 226 KB
85 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86804
x-xss-protection: 0
server: cafe
etag: 5055074899333445325
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 16 Feb 2021 16:57:08 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 37FA 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bewellportal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bewellportal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 16 Feb 2021 05:49:25 GMT
expires: Tue, 02 Mar 2021 05:49:25 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 40063
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KQ6TTR8

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aab92c8d78ac42614e3c2458036af729c1db3a43fb043b5b1ddd5df626c2673c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30242
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Feb 2021 16:57:08 GMT

GET
H3-Q050 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ac7fe562553931d4aa99f584fb31a6ca9bf139a91d3b59e60fa85bd055576bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48461
x-xss-protection: 0
server: cafe
etag: 8163085062052824119
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Feb 2021 16:57:08 GMT

GET
H2 200 / Show response
load.sumo.com/ 2 KB
2 KB 110ms
25ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/
Requested by: Host: bewellportal.com
URL: https://bewellportal.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: CF826736A7F13AED
cdn-cachedat: 2020-12-22 19:52:52
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7HfQjZ7KDwlfg1uPrxeGrWK5P5ihi8z4Ls0YUmeIhzY9hcF5dbxh1CgK5CJIvt5PVYZbJWSgrzM=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:07 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=600
cdn-requestid: 27e64412d101f32e995befcb588041c0
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 404 jquery.bpopup.min.js
bewellportal.com/wp-content/plugins/wpyoutube/ 0
0 418ms
417ms Script
text/html 2606:4700:3033::ac43:83f1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bewellportal.com/wp-content/plugins/wpyoutube/jquery.bpopup.min.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::ac43:83f1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/7.2.34

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"max_age":604800,"report_to":"cf-nel"}
x-powered-by: PHP/7.2.34
x-litespeed-cache: hit
cf-request-id: 084d5f4875000005b7c9283000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RX6LN5mrB0wLRcWZ8ezEGo%2F1xrhXjUMrl%2B1vHML8AQfEpYsnb0tP7QmBeySizFOHGbhOmqji4SZeuj7rYOQofBsqDxOx%2FudJzb%2FjdjzMLOOktvPGc9tcCsyLrDgV"}],"max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=2678400, must-revalidate
x-turbo-charged-by: LiteSpeed
cf-ray: 6228ce53ef8405b7-FRA
link: <https://bewellportal.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KQ6TTR8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 592
date: Tue, 16 Feb 2021 16:47:16 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Tue, 16 Feb 2021 18:47:16 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 1 B
387 B 50ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1420262704&t=pageview&_s=1&dl=https%3A%2F%2Fbewellportal.com%2F&ul=en-us&de=UTF-8&dt=BeWellPortal%20-%20Health%2C%20Diet%2C%20Fitness%2C%20Personal%20Finance%20And%20Parenting%20Tips%20And%20Tricks%20For%20A%20Happy%20Life.%20Be%20Healthy%2C%20Live%20Your%20Dreams!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1753704799&gjid=1942856863&cid=1318178745.1613494629&tid=UA-56786630-1&_gid=39930016.1613494629&_r=1&gtm=2wg230KQ6TTR8&z=1612146793

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 16:57:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bewellportal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 206 B
412 B 61ms
59ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bewellportal.com&callback=_gfp_s_&client=ca-pub-5038145707941411

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

8db80a2d76b213b1893891f63fffd7632a387dc228d0f67f7801dcf99e6fc715

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
169 B 28ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bewellportal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 27ms
27ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bewellportal.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3806 3 KB
997 B 88ms
87ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&adk=318159125&adf=2184669829&lmt=1610663858&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbewellportal.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613494628440&bpp=14&bdt=1327&idt=127&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=154159558623&frm=20&pv=2&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c1e13a81d44bead56f672eea649da2ad92cf556cdecbcc23088213314132e850

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&adk=318159125&adf=2184669829&lmt=1610663858&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbewellportal.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1613494628440&bpp=14&bdt=1327&idt=127&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&nras=1&correlator=154159558623&frm=20&pv=2&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=150
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bewellportal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bewellportal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Feb 2021 16:57:08 GMT
server: cafe
content-length: 722
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Feb-2021 17:12:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Feb 2021 16:57:08 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Tue, 16 Feb 2021 16:57:08 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 35FF 69 KB
22 KB 477ms
477ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ad4f14c3e28f613b9b23934f34fe288d1e00a91894fbc2ff32b2586043dc24f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bewellportal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bewellportal.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 16 Feb 2021 16:57:09 GMT
server: cafe
content-length: 22450
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 16-Feb-2021 17:12:08 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Tue, 16 Feb 2021 16:57:09 GMT
cache-control: private

GET
H2 200 72.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 131 KB
43 KB 32ms
31ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/72.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: ACD98A2C1988597B
cdn-cachedat: 2020-12-22 23:03:24
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7b4CAJzd92+SVKJpwoWNMLS1vqAgBcHT3wihXvlu8xhZgoaWCkd1wVF+H0YyynNX8hXdJPitxkA=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:44 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c3678e9e97f35502f68cba6e3188ee95
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 73.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 289 KB
99 KB 57ms
56ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: E0D7D7E410A9A5A7
cdn-cachedat: 2020-12-22 23:03:24
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: NwShDyOkTr1aby66liWIw24gl6gpTkaO25BrNZVs5/wvZGRVz1u04k3FNW1kIhHmQ5YyoderVZ4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:45 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 12560bceee848742697d6c5fe08d4eab
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

POST
H2 200 / Show response
sumo.com/api/load/ 1 KB
954 B 634ms
220ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/load/

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

66f652e138c16bcac134cd74e0e15506a6138d692806b202039d3d0b3b4e0411

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 16 Feb 2021 16:57:09 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 60ms
46ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95e2d08da6a1fc6694b35e6fe8349dfc31ff99a3c1714fced5a861722a70c3b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6469
x-xss-protection: 0

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
318 B 42ms
29ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KQ6TTR8&cv=1&v=3&t=t&pid=1134657684&rv=230&es=1&e=gtm.js&eid=1&tc=1&tr=1ua.5ua&ti=1ua.1ua&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 16:57:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 a
www.googletagmanager.com/ 0
21 B 39ms
29ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-KQ6TTR8&cv=1&v=3&t=t&pid=1134657684&rv=230&es=1&e=gtm.dom&eid=3&tc=1&z=0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 16:57:08 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202102120101/show_ads_impl_fy2019.js?bust=exp%3D31060009

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Tue, 16 Feb 2021 16:57:08 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C340 12 KB
5 KB 34ms
20ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bewellportal.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://bewellportal.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Tue, 16 Feb 2021 14:36:47 GMT
expires: Wed, 16 Feb 2022 14:36:47 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 8422
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame C340 14 KB
6 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 11:16:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 20423
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Wed, 16 Feb 2022 11:16:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 35FF 3 KB
681 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 16:22:12 GMT
server: ESF
date: Tue, 16 Feb 2021 16:57:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 16:57:09 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 35FF 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3009
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 16:07:00 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 35FF 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:08:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2929
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 16:08:20 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2541794298766226494/ Frame 35FF 48 KB
48 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2541794298766226494/downsize_200k_v1?w=600&h=314

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f43151cfa9a7784aac521d8a9e29d22514827d9ac2b3297f220d457a8424fec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 15 Feb 2021 12:18:22 GMT
x-content-type-options: nosniff
age: 103127
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48948
x-xss-protection: 0
last-modified: Mon, 21 Dec 2020 15:08:33 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Feb 2022 12:18:22 GMT

GET
DATA 200
OK truncated
/ Frame 35FF 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 35FF 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:06:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 16:06:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 35FF 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Tue, 16 Feb 2021 16:57:09 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 35FF 14 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:14:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2554
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 02 Mar 2021 16:14:35 GMT

GET
H2 200 f39ec1586bd36f0603e16664b9cc775d.js Show response
www.gstatic.com/mysidia/ Frame 35FF 25 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f39ec1586bd36f0603e16664b9cc775d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 10:52:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 03:32:11 GMT
server: sffe
age: 453889
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10792
x-xss-protection: 0
expires: Wed, 12 May 2021 10:52:20 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 35FF 0
0 44ms
44ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXB8xZPkrYNSyJu2A1fAPnu60iASSz_i7YZX0xLCHDfPt7JGMDhABIL2P6CRglQKgAfL7098DyAEJqQLeJUCuYmi0PqgDAcgDywSqBNQBT9BWmpCMgQTGTwXDaYgInEf9oQ2WV-amyTzfLESOyLfKUxsaHV9UhIdotvKEoAKLvZPKr3wWN3GFNFb6O_GoODnUR7JaXWz4CY94emSc0U8Tm0GxwV17sWXGm8miOnq49b7OHqusEH-iO1WeWAo0eBZ_5Ziiw2tXIXeRipXOaIFu6nL7dD3pIJ5cLFlCiuHE8oQRiqX5lb_1u7TQV6lxibI8GMbAKYjat2AC6YwDf_1PMrJ5hwJvU3TU0asCs7ZIexyr73zykBzysNljZ1FdCrWecuPABJun9ef2ApIFBAgEGAGSBQQIBRgEoAYugAfZ5bImqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPW-DdIICQiA4YAQEAEYH4AKAcgLAdgTDZgWAbIXGgoYCAASFHB1Yi01MDM4MTQ1NzA3OTQxNDEx&sigh=jwLJ9sLkc3Y&template_id=5000&tpd=AGWhJmvcLE6EV-OisHNCF_UAhIeYzBFjoKYq9sX7cv6-5a9EjQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 16 Feb 2021 16:57:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 16 Feb 2021 16:57:09 GMT

GET
DATA 200
OK truncated
/ Frame 35FF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4565f6551afdea45d8cbbce4bc6e8e1bcceffeccd85d8be0ebc2ef33423c69af

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 35FF 14 KB
15 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 09 Feb 2021 18:30:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 599176
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Wed, 09 Feb 2022 18:30:53 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 35FF 14 KB
15 KB 31ms
20ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:41 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 446428
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:41 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame D621 14 KB
6 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 13 Feb 2021 01:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 313697
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Sun, 13 Feb 2022 01:48:52 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 services Show response
sumo.com/ 2 KB
1 KB 263ms
263ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/services

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

404a50215cc6f30db9aa545ac08861bb5d980265e1e9b5e7c5da9ef776b0594d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/javascript, */*; q=0.01
X-Sumo-Auth: bDKs9CugcRsXwondM3zm7oi9
Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 16 Feb 2021 16:57:09 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
x-frame-options: SAMEORIGIN
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
content-type: application/json; charset=utf-8

OPTIONS
H2 204 services
sumo.com/ Frame 0
0 222ms
222ms Other 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/services
Protocol: H2
Server: 52.34.133.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-sumo-auth
Origin: https://bewellportal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Tue, 16 Feb 2021 16:57:09 GMT
access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
86 B 41ms
40ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=2408989610295209&bg=!vL-lv_zNAAXRs2QT0TsAKQB2-DxalNAYD2O2Rq0Bhr-4zdjkyX6bPVbJJ_zOF-YwZsc94haGbjvIAgAAAglSAAAADWgBBwoAXPRKIXGHQF92BhQfwngE5DdAk12mVfso2eOVKM8gjxW5fsc2_FCl_M9U6V4F_JqD4YHU-97hvwk7UemB2xogMoOzKOaW9nI2hdhI9qtkWc2Xf7sN8NfX1UDALx4ZmQHjjEO6dqjlsuufdDJ4ajWflMkASDFVxgEbdhRCDs_5nUWlAAhcWZwbu7mfDE-ucGO3lTandyN2e_4kLGBpDS25MyU8hWHDDi-vBU__DLM6slis9m8hvFeluChig6En4A9S074C9td5Jl8OnCpalGvCq7DpsXDekcTKB5BBS36TtyLSpluQTvrb-fBBSgznoiIPPBY1HQOZaESLF0rTW3PX9REMUSHkqC8JvUB9EpImx7k94oPPpKk_uLXtGmM4lalo7hhG9rEi8xHQVGPzYyaepc9a8C_B7V-N1OQP3vlfhyQy-pAVeqw22YPjil3f7GSz33xXLTeZ9lWcNgqZKohsuo8qS_fy_BfAdhCjJJaZYoC2FWxthnAtPz4hbIZJh9vldO-amdOmlgtgTtA7ITPm_neu44TqAJFyxa-jWe88nnvINr0A8IHNHAbTp6BeyvTov5S-I5i_VdoALOs64GVcUptOKwuy5dsnlecHbanwZqCxkTXPQdgELyxCn5ml9UdujoRGwnZNoa5f-0FVxgkhZGh82NVbkpUNPqjg8gt0belxk_i_iL0FePfa_ZKpc8i3VLBtG36cgkwdUFT2GMohhXRcTKske2ugnG6QCK0dCx52yU55Kg9kxv32WcSgwdyxGXqK

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 16:57:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 7.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 97 KB
33 KB 28ms
26ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/7.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: F859691E9ED263A9
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: K3hEOy6Cd9jfQtS2pZFV+4mBPBd8UQ1UUOc4yiJappI92uerYl6g1C/IZPo6sjP+kNbvd1ef5gs=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:42 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 4c98274244fb3882df6c532ebefe9d53
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 4.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 45ms
43ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/4.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A167BF33C4CF7698
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5Qkpj+Nhoh2vhF03qLt+77b+0wbiJuuuWExP2cfeuOPdm6UOoxKYF426P62xpROkteITMmulIYE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:19 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c35b7ca1eec43ad847ce0b0501b6b4aa
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 2.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 3 KB
2 KB 29ms
27ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/2.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 5F004457B2949818
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: tuWHJga/a8FAL3lDFr6lqMuy3SgWIqbsven3JinQAoLO65QlBhXRQz1PZIl4N2dyzWUlzF0dLG4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:03 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 47e739d3dd21b1c0b7d118407700d99e
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 10.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 11 KB
5 KB 28ms
26ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/10.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 54F9DA9DBF1BD656
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: byRUIINRoXZMfoA8QTKRiZGHyeVN3xmDMkPGDY4HrQlo7OKnIwaIIL1NfqyUTbVmCLVizyxODDc=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 2a493cad277ab1f1e42d0f74c1759d93
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 22.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 92 KB
24 KB 45ms
43ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/22.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 061B55E118875C52
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: /tl2HYu879eYW2AQI7viC+K8iaXjjGh58pxFFzzH/g/Q/U7OA9rK3B0n59zaf6IjDPJRlDA1Gno=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: b3fda86007057ce82d1d4a539495399d
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 23.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 329 KB
93 KB 34ms
33ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/23.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 09C8D4CB2C7D67A8
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: OqMt0W3a74yhLBacIBaicxZcshfHGGQWL9K1zLs5ICBeW606s0N8u+11XBGQtA/yeUyASlmrwao=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:05 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 38777c14bad47a5d3164649c3829a300
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 21.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 179 KB
50 KB 44ms
43ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/21.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 307ADBB7294B2DFE
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: bMWCX5Q9MOJK17BPX1aY1wYhEC5qF5oxQvZAnknr5F9ZXzdeKvste1bQcME22lNFiC5fxJxDWY4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:04 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: f100f1724d59f526b58d5ab23574835f
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 64.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
1 KB 45ms
44ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/64.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 10FCD35043852836
cdn-cachedat: 2020-12-22 23:03:31
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: /oyWHWckBd3/HqvDzeIIp+TdJI+YMAwlB//tifC3xbYs1Vuj24SDuEKBDERKSUwqzvSsmuMLcvE=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:39 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: cb5f0bd1e10e7eb008c7cdd2ebfd1d39
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 35FF 42 B
155 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssIoMHWeUv7CNkzm8a53rBX0Tp47s4ia0JLphMNUwOn21gzpBVx5JyF-i4paykUQBaBeErp6JTaSxo33kjGvppW5r941SffSS9IcZRkz8inFrF_3RhtpWO1BTzobw&sai=AMfl-YTMwjAU0uOOZ5p_1NbnAgONhTUordgxYKH3pMDm_vAhcu-3e5-kmV7JLUHHY-5XgnO5EpX36e2QiYbS&sig=Cg0ArKJSzJ3PYUB2M0hgEAE&id=osdim&mcvt=1001&p=238,215,518,1385&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1617453014&rs=2&met=mue&la=1&cr=0&osd=1&vs=4&rst=1613494628607&dlt=493&rpt=31&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5038145707941411&output=html&h=280&slotname=4275555089&adk=1617453014&adf=2505715299&pi=t.ma~as.4275555089&w=1170&fwrn=4&fwrnh=100&lmt=1610663858&rafmt=1&psa=0&format=1170x280&url=https%3A%2F%2Fbewellportal.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613494628461&bpp=6&bdt=1348&idt=137&shv=r20210211&cbv=r20110914&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=154159558623&frm=20&pv=1&ga_vid=1318178745.1613494629&ga_sid=1613494629&ga_hid=1420262704&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=215&ady=238&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21068769%2C21068893%2C31060009&oid=3&pvsid=2408989610295209&rx=0&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=cWiADO6mrd&p=https%3A//bewellportal.com&dtd=143
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Feb 2021 16:57:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
3 KB 26ms
24ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/0.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 6A8B733FA9B1B493
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: Hqsu7TN6fMrKPsD1E9zf16KHsG/w3o/R72vgND8BTVgIdBhIwbO7/LzDO5s/ULgvLyj48W+Mqc4=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:48 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: ae359b8cf178a24b0f7da81fcfd114a3
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 1.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 KB
2 KB 26ms
25ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/1.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A6B81DA68A588696
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: K7HQ+cH+l5ehF0xjoKFEAaNZkzoKLUN+5sFrF3amdeJ1AHr0EGErtIvOD3+skWnUw1KbgZ2HNEI=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:49 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: da6195e5247b1c988966cb38ec0d5290
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 3.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 5 KB
2 KB 26ms
25ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/3.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 25661F930117147D
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: dohOlXjTzyAZCekFsYDC5JgPoKuuG2cwC0lu715IbdYT33kzFxINoprA4tTj9edIzPXdH6QiI/U=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:47:11 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: cc806a237c63427a7ebdbc96d1cccf0b
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 14.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 313 KB
51 KB 27ms
26ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/14.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: bfa42f9fa4a3e06f41d0ec09ad9e7e63f598990a65422ebc84f560213573c65f

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 492F17411CDABA1B
cdn-cachedat: 2020-12-28 08:58:25
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: plzu00EdonMULmpqUvOK98Nx4xNIQdMC+M+eVSeuTcwC4wpxPSeCrC40pVJln1pkIAEXqTrLKLk=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:58 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 93f6d5eceb10b024125398212c08099c
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 11.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 438 KB
128 KB 30ms
29ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: A72818638DD6FBEE
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: b31DEDUzXTR1K7UAcb4r7jkpr0XyZeCLUvFL8R8fP1I2KDQ7i+brRAjjxpuknEhv4RlkHxQjwHM=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:55 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 8fd0d1c46c55ac2320ad86a5875ef773
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 15.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 711 KB
52 KB 28ms
27ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: AE5E7C512FD3407D
cdn-cachedat: 2020-12-23 09:44:06
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 7iN5zZ3cRNjaeStCRnsn3uPWcQmlNvnJOjB+5fBY8dcwWCXFvCVrci4mVPdGuSgaQ3/kpTzdAr8=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:46:59 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 3cae5a20f1ac3574142f81e02bf49a6f
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 96.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 1 MB
77 KB 42ms
42ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/96.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 9C4B81F5FC377875
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: 5ILfVuMPlNuenXZVTGQ1husa7vQ1S6lKZQ8WK7uP+E3WniEXMdhcmDJdPnbtLUvsBVMAAEzqAwg=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:03 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: c06a241e8d32d050d7f16b1820dc8707
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H2 200 97.7e831236a32d6086ab3e.js Show response
load.sumo.com/ 221 B
876 B 24ms
23ms Script
text/javascript 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to

Full URL: https://load.sumo.com/97.7e831236a32d6086ab3e.js
Requested by: Host: load.sumo.com
URL: https://load.sumo.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
content-encoding: br
cdn-edgestorageid: 657
x-amz-request-id: 54FD9AD96143FD9B
cdn-cachedat: 2020-12-22 23:03:34
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
x-amz-id-2: QicD+MLio5kuU2UPUl0g1uaf/PZM85gnKfBZWfCRELLys/OX2LFf0YRy8zCBPdBCqY7id8qG2Rg=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:04 GMT
server: BunnyCDN-DE1-657
vary: Accept-Encoding
content-type: text/javascript
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: d0b0a0135903b226447acf278f3ec7a6
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 44ms
29ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 15:32:52 GMT
server: ESF
date: Tue, 16 Feb 2021 16:57:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 16:57:10 GMT

GET
H2 200 features Show response
sumo.com/api/site/a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000/ 3 KB
1 KB 209ms
209ms XHR
application/json 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://sumo.com/api/site/a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000/features?site_id=a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.34.133.113 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-34-133-113.us-west-2.compute.amazonaws.com

Software

nginx/1.18.0 /

Resource Hash

058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: application/json, text/plain, */*
Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
X-Sumo-Auth: bDKs9CugcRsXwondM3zm7oi9

Response headers

date: Tue, 16 Feb 2021 16:57:11 GMT
content-encoding: gzip
vary: Origin, Accept-Encoding
server: nginx/1.18.0
etag: "-362431178"
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow

OPTIONS
H2 204 features
sumo.com/api/site/a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000/ Frame 0
0 205ms
204ms Other 52.34.133.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sumo.com/api/site/a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000/features?site_id=a9ff9b001d723600450ddc0084994000dc32700029842f00d69db30057682000
Protocol: H2
Server: 52.34.133.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-34-133-113.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-sumo-auth
Origin: https://bewellportal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: nginx/1.18.0
date: Tue, 16 Feb 2021 16:57:10 GMT
access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-headers: pragma, x-requested-with, accept, x-sumo-auth, x-sumo-token, content-type
access-control-max-age: 2592000

GET
H3-Q050 200 css
fonts.googleapis.com/ 21 KB
1 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:200italic,300italic,400italic,500italic,600italic,700italic,800italic,900italic,200,300,400,500,600,700,800

Requested by

Host: bewellportal.com
URL: https://bewellportal.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 14:58:08 GMT
server: ESF
date: Tue, 16 Feb 2021 16:57:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Feb 2021 16:57:10 GMT

OPTIONS
H2 200 rpc
clients6.google.com/ Frame 0
0 43ms
15ms Other
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Protocol

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bewellportal.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-origin: https://bewellportal.com
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,PATCH,POST,PUT
access-control-max-age: 3600
access-control-allow-headers: content-type
content-type: text/plain; charset=UTF-8
vary: Origin X-Origin
date: Tue, 16 Feb 2021 16:57:10 GMT
expires: Tue, 16 Feb 2021 16:57:10 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 0
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
graph.facebook.com/ 251 B
639 B 71ms
42ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?id=https%3A%2F%2Fbewellportal.com%2F&callback=jQuery110203839845742204373_1613494628733&_=1613494628734

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ad7907646ae392f25b53b9b800ea86fb25966bd310ab586ce33ede70bd38b03b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003311165
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 193
pragma: no-cache
x-fb-debug: h52KNMbFdzRVhmaU1Kk6F+QTHKGNm8SgvQg5RYAvvWUGoroLO6zCrQIQd0w/JoEeY7q8PGWfgvbWc9eJUM+cEg==
x-fb-trace-id: FxF5U8cEWkJ
date: Tue, 16 Feb 2021 16:57:10 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AoSsQeanPg46Dd7FZk7cR2h
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 links.getStats Show response
api.facebook.com/method/ 389 B
596 B 61ms
35ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://api.facebook.com/method/links.getStats?urls=https%3A%2F%2Fbewellportal.com%2F&format=json&callback=jQuery110203839845742204373_1613494628735&_=1613494628736

Requested by

Host: load.sumo.com
URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2e19b2be1f348b1988919fed8304b9ba6dc05fd8f12c18ee796ac355ff7e843f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
x-fb-debug: xYr6xjjOC9QMlJQfrsiJb4MGuUpUncqhdLO38XS+YJR13//Y77BbNBB6Bmc8Rn2y1drwK2vLLy4RfrpHEZzSKg==
content-encoding: br
vary: Accept-Encoding
x-fb-trace-id: GBPyH5vfbEn
date: Tue, 16 Feb 2021 16:57:10 GMT
strict-transport-security: max-age=15552000; preload
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
x-fb-request-id: AGRPdOcsCG3OoDdFKOOhcdl
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rev: 1003311165
facebook-api-version: v3.2
content-length: 233
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST rpc
clients6.google.com/ 0
0

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 googleplus-white-60.png
load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 20 KB
21 KB 30ms
29ms Image
image/png 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/googleplus-white-60.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
cdn-edgestorageid: 657
x-amz-request-id: 5AA7C46B140B7D92
cdn-cachedat: 2020-12-23 08:52:56
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 20477
x-amz-id-2: FF2TRIr03iQ6DqMiOwBvq71dbqIbGD1GTrxVQktCYg4c69yAgv9NKwwlVy3UXBkOeYZKhqdgCaw=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:05 GMT
server: BunnyCDN-DE1-657
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 92c02293e2e75896fb79b98902a8cb30
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sumome-white-60.png
load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/ 16 KB
16 KB 29ms
29ms Image
image/png 89.187.169.26
CDN77 (^_^)/

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load.sumo.com/_/images/apps/9e8a4d2a-6f8c-415e-851b-bdfe4c01d5c1/sumome-white-60.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.187.169.26 Frankfurt am Main, Germany, ASN60068 (CDN77 (^_^)/, GB),
Reverse DNS: unn-89-187-169-26.cdn77.com
Software: BunnyCDN-DE1-657 /
Resource Hash: 8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24

Request headers

Referer: https://bewellportal.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 16:57:10 GMT
cdn-edgestorageid: 657
x-amz-request-id: 5V2SBRBR2N6T7X2G
cdn-cachedat: 2020-12-23 08:52:56
cdn-pullzone: 53731
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-length: 16033
x-amz-id-2: 5NohqHI5BQSbp+cAcjRsy+G4ri8DTn3ZbnaG6xvtLH/Woo1dw775CVB087P5vOZE/gLTMSLP6u0=
access-control-allow-origin: *
last-modified: Tue, 22 Dec 2020 17:48:05 GMT
server: BunnyCDN-DE1-657
content-type: image/png
cdn-cache: HIT
cdn-uid: a61f2e95-f685-45ef-9e80-35f4adfb29cb
cache-control: max-age=31536000
cdn-requestid: 39deac86eb9e1addc1017ff45448f356
cdn-requestcountrycode: CH
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bewellportal.com
URL: https://bewellportal.com/wp-content/plugins/wpyoutube/wpy-style.css

Domain: thelyra.pro
URL: https://thelyra.pro/a/analytics.js

Domain: clients6.google.com
URL: https://clients6.google.com/rpc?key=AIzaSyCKSbrvQasunBoV16zDH9R33D88CeLr9gQ

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.bewellportal.com/	1970-01-19 16:54:46	Name: __cfduid Value: d286300f05ef91b0c42041da52ab5d99e1613494626

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumotoken
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: install sumo badge...
console-api	log	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 26) Message: Query variable %s not found sumopath
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR services/index/#services/index
console-api	info	URL: https://load.sumo.com/73.7e831236a32d6086ab3e.js(Line 1) Message: CREATING SANDBOX FOR 156085c5-0017-4150-b225-a731ad248f38/service/#156085c5-0017-4150-b225-a731ad248f38/service
console-api	log	URL: https://load.sumo.com/14.7e831236a32d6086ab3e.js(Line 32) Message: facebook
console-api	log	URL: https://load.sumo.com/14.7e831236a32d6086ab3e.js(Line 32) Message: twitter
console-api	log	URL: https://load.sumo.com/14.7e831236a32d6086ab3e.js(Line 32) Message: pinterest
console-api	log	URL: https://load.sumo.com/14.7e831236a32d6086ab3e.js(Line 32) Message: [object Object]
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering share...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: rendering for desktop...
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: style buffer update...
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: buffer
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebook
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: facebooklike
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: googleplus
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: pinterest
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: reddit
console-api	log	URL: https://load.sumo.com/15.7e831236a32d6086ab3e.js(Line 1) Message: yummly
console-api	log	URL: https://load.sumo.com/11.7e831236a32d6086ab3e.js(Line 1) Message: undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.cloudflare.com
ajax.googleapis.com
api.facebook.com
bewellportal.com
clients6.google.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
graph.facebook.com
load.sumo.com
mleuj6y28mxj.i.optimole.com
pagead2.googlesyndication.com
partner.googleadservices.com
sumo.com
thelyra.pro
tpc.googlesyndication.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
bewellportal.com
clients6.google.com
thelyra.pro
142.250.186.34
2600:9000:20e8:e000:2:6f7a:6f00:93a1
2606:4700:3033::ac43:83f1
2606:4700::6810:a823
2a00:1450:4001:800::200a
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a03:2880:f01c:800e:face:b00c:0:2
52.34.133.113
89.187.169.26
02ce424b3b342c6212335480b48f2f9c7cac4826573df2f0150ef21b4411aa90
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
058f76d93a417240888fe7522aca5a1322f3ff8f86ddc950a3c347f0a1ac57da
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0ad4f14c3e28f613b9b23934f34fe288d1e00a91894fbc2ff32b2586043dc24f
0c30678ce61936db0d9405256fc6d328eb49d38614d1650a3678a32ebb3b943c
13368f7efb0bd242e1624cbcc4fec9e6c8c065d3e88d74f19b7d57653edf0a4f
18ebcf8ea83fb75a21485aaf2415ad54a605d11a1213a8c8d7d2e820ea5d3a92
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
2345ee980d7f5ec30717c0ec0bbeb51574f1c824ed269b28932d352aceec52bf
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d9e8d54f0e07094b74493a29314e272f6781121226ef08859643481c4c7396d
2e19b2be1f348b1988919fed8304b9ba6dc05fd8f12c18ee796ac355ff7e843f
2e52aa532594524ce54ab7f748eb9828e2285b705ba1da5fe5b4c0f4ada6ce1a
349ea5792405e6fc19dc7b6bf72022b66ad18b454882fe5a94d3094a8fa3dcb4
36aecd4542cf4c62f3d0b0517e0e560aabd649e4efcfce254a95c5adeb388a5c
3dd0f99522a8917891c81455399e06fe7f18f2c7e07598478552520240e5bd95
3f351eef4b0a3ccd70ff9d4239851252a0a6eba79471e530f9deec0b3421d132
404a50215cc6f30db9aa545ac08861bb5d980265e1e9b5e7c5da9ef776b0594d
436a467c6683d94cb046c6ab32c525bdb306d7701a6781735f389b14ba49de39
4565f6551afdea45d8cbbce4bc6e8e1bcceffeccd85d8be0ebc2ef33423c69af
456f03a7c91f99b158fab0ff26f31344c17cba14f67b6d0dc3267a867e1f9679
4956068b2f2c2f14c6dd7fb409b7e5a22ab4a41b45c9ad683bc0f77c5853ffba
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
4b6753aef2f81a4813434523b259d9d19f368ae41cd40162bf0897bc4e334cb9
4c2a0a41bdbc55f5d0f74f367110639cb7fe35122a7a140846d1395d21609a6d
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
4dd097b06bb65ed08b9d5f7e8d3430d959c6ea18ab0dc895265c9595a91d6476
5039e92d3fdaff3eb6d359a88fc73b73fa771471660453c43b34caea97e7e0a8
511d34070dd9f73acd9db42d6aa7d24613c8efb166ee93205b9b5b5a0a61f5c7
535f84cffe4a18de721d24bd0f6a46f059068d48daf2327d143e0397431cbb14
53c0a264444053b235b6d81b4da620684ddce50d6326798a1a536f9e269d5f52
568c290163b0a0957dc9a588116a279f2b47ce42ecc08a9033162c594a7413c6
56d84df202836f2d35697acefeee9d46522692cc425eecadddc672a3958d36b7
5bd112342d6dc324f5ff13efef3891841483b2a84e11003e4f1a177f2d12b79d
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5dc9d61931a73fa03b59af510868b7e89e4523df5a53935212ca8a9b31af0b8d
6439a37a81613ad0939e8e4d68a0c206fe60b94ca7192903ad6060113a4a270b
66f652e138c16bcac134cd74e0e15506a6138d692806b202039d3d0b3b4e0411
6a3ae6bfa989d3fd7e015d572fcb4bc5c096bbdc9670fd4b7456846199901baa
6ac7fe562553931d4aa99f584fb31a6ca9bf139a91d3b59e60fa85bd055576bf
6afa1887c4a43dc98bc31212f61480320973a2d89b7defb0c6c5988797b9fc1e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
71b3e9761dec1834f8152f030e564ed3ccee88e6f133764557faadbebf869c2d
73c748a03b271d7a4d7c1ed120f668653c1d7ed4632748920048ddcde2e6d759
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
80ec33e2c852ec1b5cc4f725c16315527d5c678933638abf66070af946e68ee2
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8db80a2d76b213b1893891f63fffd7632a387dc228d0f67f7801dcf99e6fc715
8ed77676d10661c0467f600237ee68475d3d4e58993e200cd953ae54132a0e24
92cea13927f23ea44ef028e531d5fbef3be60d7211fbbf843bc430bf437a870b
95e2d08da6a1fc6694b35e6fe8349dfc31ff99a3c1714fced5a861722a70c3b9
967ff48c41053bf7c36f819b71ee6b509bd9971857397d74b41c75acc5bd27ae
99483f1afa0e167d187258f6fe14212ee8ec0daa95a6ad0723fe9268885bb69a
9b9b439612eecd459a6edf2abfcf4ae252710e0069772b1b78c4970b3c0f1830
9c40f13cd1c3c7338bab7aa23cd5d7b197c79a9cd96ccca801f8937767f67642
9db7fbd2839014c3ace3169bd05461e5cfb9b464157df3e87d10b5cfd51336f2
a73a98563485541039998520eaa3f1b8475e8da1f9ae414a74c73df0d5f24f8a
a8a3588f5c8cbecb2732a797ee4debe9714f5265306c03422d2dcb30bef07361
aab92c8d78ac42614e3c2458036af729c1db3a43fb043b5b1ddd5df626c2673c
ad7907646ae392f25b53b9b800ea86fb25966bd310ab586ce33ede70bd38b03b
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
b5d439b0a1670a4a56384b0b48fcdfabef6e8a5124683f32c6913d1fe22e9563
bfa42f9fa4a3e06f41d0ec09ad9e7e63f598990a65422ebc84f560213573c65f
c1e13a81d44bead56f672eea649da2ad92cf556cdecbcc23088213314132e850
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c36eb9f49a231993fa4ead31474f6ba49fbba5b2b8630a6d0abb64b3740226c1
c60b93effcbac344d2c30270e0d97323af0f64f43f3ac4d8abd486a875477169
c6d248d1bca62a13f7a5a6363736e10b4858dd4cc539aaf0018b40b036ac5757
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d8f1f9fe4aeef4aa6a0e7849644debd5d3d9ad3edc6d6756f1e02baf578e7b94
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dd9c85c873b9b644468988e8165e079b0e747a550ce13fa3f7d0c1839b0fd503
e146694637c659ec76a75f2f92253956460decf38696b9f77d825dde8308efaa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f43151cfa9a7784aac521d8a9e29d22514827d9ac2b3297f220d457a8424fec5
f452c0a329f17acfb74497d9ddef4a0d5af4166d43da2a3824387fc71205cd4f
f58ef317a437883e2baa7e98d73af912859b7cc7c10ecd79e97aa0ea974ba896
fe39eced72c33ae4c1b3bdd9843bc853265b9909040d41555faa02f62cb29ef2

bewellportal.com Open in urlscan Pro 2606:4700:3033::ac43:83f1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

97 %HTTPS

83 %IPv6

16 Domains

22 Subdomains

19 IPs

2 Countries

1836 kBTransfer

6170 kBSize

1 Cookies

0 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bewellportal.com Open in urlscan Pro
2606:4700:3033::ac43:83f1 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

97 %
HTTPS

83 %
IPv6

16
Domains

22
Subdomains

19
IPs

2
Countries

1836 kB
Transfer

6170 kB
Size

1
Cookies

95 HTTP transactions
7 data transactions