secure.bywinona.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://secure.bywinona.com/
Effective URL:
https://secure.bywinona.com/google-1
Submission: On November 22 via automatic, source certstream-suspicious (November 22nd 2024, 4:59:20 am UTC) — Scanned from CA

Summary HTTP 154 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 48 IPs in 3 countries across 35 domains to perform 154 HTTP transactions. The main IP is 2606:4700::6810:10c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.bywinona.com.
TLS certificate: Issued by WE1 on November 22nd 2024. Valid for: 3 months.

This is the only time secure.bywinona.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	2606:4700::68... 2606:4700::6810:10c2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3036::6815:1b98	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:81e::200a	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3036::6815:1955	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a04:4e42::644 2a04:4e42::644	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2607:f8b0:400... 2607:f8b0:4006:824::2008	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	3.5.151.180 3.5.151.180	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:28b... 2600:9000:28b2:a600:f:17d2:4240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 5	2607:f8b0:400... 2607:f8b0:4006:808::2004	15169 (GOOGLE) (GOOGLE)
6	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
2	23.51.57.192 23.51.57.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	146.75.32.157 146.75.32.157	54113 (FASTLY) (FASTLY)
2	2620:1ec:bdf::40 2620:1ec:bdf::40	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	34.117.40.88 34.117.40.88	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 5	34.117.190.90 34.117.190.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	67.225.220.126 67.225.220.126	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2606:4700:10:... 2606:4700:10::6816:2971	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.138.106.62 108.138.106.62	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3037::6815:883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:21b... 2600:9000:21b8:d000:1e:c86:4140:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
1	108.139.33.128 108.139.33.128	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	2600:9000:251... 2600:9000:2511:b400:d:87ae:bb80:21	16509 (AMAZON-02) (AMAZON-02)
1	104.118.9.170 104.118.9.170	16625 (AKAMAI-AS) (AKAMAI-AS)
3	70.42.32.31 70.42.32.31	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	162.159.140.229 162.159.140.229	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
4	2607:f8b0:400... 2607:f8b0:4006:81c::2003	15169 (GOOGLE) (GOOGLE)
4	138.197.61.175 138.197.61.175	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	38.91.101.241 38.91.101.241	63023 (AS-GLOBAL...) (AS-GLOBALTELEHOST)
4	51.8.71.184 51.8.71.184	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
1	2606:4700::68... 2606:4700::6810:dc2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:266... 2600:9000:266a:2600:3:471f:5240:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	20.110.205.119 20.110.205.119	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	13.225.63.80 13.225.63.80	16509 (AMAZON-02) (AMAZON-02)
4	141.226.224.48 141.226.224.48	200478 (TABOOLA-A...) (TABOOLA-AS Taboola.com ltd)
2	2a04:4e42:400... 2a04:4e42:400::729	54113 (FASTLY) (FASTLY)
1	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
154	48

41 2606:4700::6810:10c2 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

secure.bywinona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3036::6815:1b98 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81e::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1955 (United States)

ASN13335 (CLOUDFLARENET, US)

themes.audemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a04:4e42::644 (United States)

ASN54113 (FASTLY, US)

fast.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:824::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.5.151.180 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com

winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:28b2:a600:f:17d2:4240:93a1 (United States)

ASN16509 (AMAZON-02, US)

d2saw6je89goi1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:808::2004 (United States) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
psb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.51.57.192 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-57-192.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.32.157 (Ashburn, United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::40 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.40.88 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 88.40.117.34.bc.googleusercontent.com

www.welkdtkr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.117.190.90 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.190.117.34.bc.googleusercontent.com

pm.geniusmonkey.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.225.220.126 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: host.rtb123.com

www.rtb123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2971 (United States)

ASN13335 (CLOUDFLARENET, US)

monetize.zeeto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-62.jfk50.r.cloudfront.net

p.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::6815:883 (United States)

ASN13335 (CLOUDFLARENET, US)

stagingapi.bywinona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
proxy.bywinona.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1122 (United States)

ASN13335 (CLOUDFLARENET, US)

static.legitscript.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21b8:d000:1e:c86:4140:93a1 (United States)

ASN16509 (AMAZON-02, US)

embed-ssl.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:809::2002 (United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:824::2002 (United States)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.162 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.139.33.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-33-128.jfk50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 Datacamp Limited, GB)

files1.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2511:b400:d:87ae:bb80:21 (United States)

ASN16509 (AMAZON-02, US)

d2rp1k1dldbai6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.118.9.170 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-118-9-170.deploy.static.akamaitechnologies.com

wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 70.42.32.31 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.159.140.229 (None, )

ASN13335 (CLOUDFLARENET, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.197.61.175 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

app.cybba.solutions	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 38.91.101.241 (New York, United States)

ASN63023 (AS-GLOBALTELEHOST, US)
PTR: us-ny-1.pro.ip-api.com

pro.ip-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.8.71.184 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:dc2 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.clickfunnels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:266a:2600:3:471f:5240:93a1 (United States)

ASN16509 (AMAZON-02, US)

pipedream.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.110.205.119 (Boydton, United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::237 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.63.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-80.ewr53.r.cloudfront.net

distillery.wistia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.224.48 (United States)

ASN200478 (TABOOLA-AS Taboola.com ltd, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)

js.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
browser.sentry-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.166 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	bywinona.com 1 redirects secure.bywinona.com stagingapi.bywinona.com proxy.bywinona.com bywinona.com Failed	2 MB
19	wistia.com fast.wistia.com — Cisco Umbrella Rank: 4773 embed-ssl.wistia.com — Cisco Umbrella Rank: 9290 pipedream.wistia.com — Cisco Umbrella Rank: 8023 distillery.wistia.com — Cisco Umbrella Rank: 7932	518 KB
11	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 934 psb.taboola.com — Cisco Umbrella Rank: 6026 trc.taboola.com — Cisco Umbrella Rank: 763 pips.taboola.com — Cisco Umbrella Rank: 1948 cds.taboola.com — Cisco Umbrella Rank: 1786 trc-events.taboola.com — Cisco Umbrella Rank: 2914	34 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 td.doubleclick.net — Cisco Umbrella Rank: 182	7 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 625 a.clarity.ms — Cisco Umbrella Rank: 11110 c.clarity.ms — Cisco Umbrella Rank: 1269	31 KB
8	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	750 KB
6	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3405 wave.outbrain.com — Cisco Umbrella Rank: 4277 tr.outbrain.com — Cisco Umbrella Rank: 3357	13 KB
5	cybba.solutions files1.cybba.solutions — Cisco Umbrella Rank: 45551 app.cybba.solutions — Cisco Umbrella Rank: 44422	25 KB
5	geniusmonkey.com 2 redirects pm.geniusmonkey.com — Cisco Umbrella Rank: 16117	7 KB
5	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	216 B
4	google.ca www.google.ca — Cisco Umbrella Rank: 11557	256 B
3	adsrvr.org 1 redirects js.adsrvr.org — Cisco Umbrella Rank: 1531 insight.adsrvr.org — Cisco Umbrella Rank: 960 match.adsrvr.org — Cisco Umbrella Rank: 377	7 KB
3	gstatic.com fonts.gstatic.com	81 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	39 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1331	92 KB
2	sentry-cdn.com js.sentry-cdn.com — Cisco Umbrella Rank: 5415 browser.sentry-cdn.com — Cisco Umbrella Rank: 4270	27 KB
2	cloudfront.net d2saw6je89goi1.cloudfront.net d2rp1k1dldbai6.cloudfront.net	51 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	5 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 281	702 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 205	770 B
1	ip-api.com pro.ip-api.com — Cisco Umbrella Rank: 7020	439 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 991	723 B
1	t.co t.co — Cisco Umbrella Rank: 904	626 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 96	3 KB
1	legitscript.com static.legitscript.com — Cisco Umbrella Rank: 30790	15 KB
1	clickfunnels.com app.clickfunnels.com Failed assets.clickfunnels.com — Cisco Umbrella Rank: 117028	1 KB
1	xad.com p.xad.com — Cisco Umbrella Rank: 100334	498 B
1	zeeto.io monetize.zeeto.io — Cisco Umbrella Rank: 445950
1	rtb123.com www.rtb123.com — Cisco Umbrella Rank: 28479	1 KB
1	welkdtkr.com www.welkdtkr.com	9 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 1016	16 KB
1	amazonaws.com winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com	42 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 617	7 KB
1	audemedia.com themes.audemedia.com — Cisco Umbrella Rank: 930893	1 KB
0	addevent.com Failed track.addevent.com Failed
154	35

	Domain	Requested by
41	secure.bywinona.com	1 redirects secure.bywinona.com static.cloudflareinsights.com
14	fast.wistia.com	secure.bywinona.com fast.wistia.com
8	www.googletagmanager.com	secure.bywinona.com www.googletagmanager.com fast.wistia.com pm.geniusmonkey.com
5	pm.geniusmonkey.com	2 redirects www.googletagmanager.com secure.bywinona.com
5	www.google.com	1 redirects www.googletagmanager.com secure.bywinona.com
4	trc-events.taboola.com	cdn.taboola.com
4	a.clarity.ms	www.clarity.ms
4	app.cybba.solutions	files1.cybba.solutions
4	www.google.ca	secure.bywinona.com
4	td.doubleclick.net	www.googletagmanager.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	pipedream.wistia.com	fast.wistia.com
3	tr.outbrain.com	amplify.outbrain.com
3	cdn.taboola.com	www.googletagmanager.com cdn.taboola.com
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	secure.bywinona.com
3	use.fontawesome.com	secure.bywinona.com use.fontawesome.com
2	c.clarity.ms	1 redirects
2	www.clarity.ms	secure.bywinona.com www.clarity.ms
2	amplify.outbrain.com	www.googletagmanager.com amplify.outbrain.com
2	fonts.googleapis.com	secure.bywinona.com
1	browser.sentry-cdn.com	js.sentry-cdn.com
1	ib.adnxs.com	d2rp1k1dldbai6.cloudfront.net
1	js.sentry-cdn.com	fast.wistia.com
1	distillery.wistia.com	fast.wistia.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	c.bing.com	1 redirects
1	assets.clickfunnels.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	pro.ip-api.com	files1.cybba.solutions
1	trc.taboola.com	cdn.taboola.com
1	psb.taboola.com	cdn.taboola.com
1	analytics.twitter.com	secure.bywinona.com
1	t.co	secure.bywinona.com
1	wave.outbrain.com	amplify.outbrain.com
1	d2rp1k1dldbai6.cloudfront.net	www.rtb123.com
1	files1.cybba.solutions	www.rtb123.com
1	js.adsrvr.org	www.rtb123.com
1	www.googleadservices.com	www.googletagmanager.com
1	embed-ssl.wistia.com	secure.bywinona.com
1	static.legitscript.com	secure.bywinona.com
1	proxy.bywinona.com	secure.bywinona.com
1	stagingapi.bywinona.com	secure.bywinona.com
1	p.xad.com	secure.bywinona.com
1	monetize.zeeto.io	www.googletagmanager.com
1	www.rtb123.com	secure.bywinona.com
1	www.welkdtkr.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	d2saw6je89goi1.cloudfront.net	secure.bywinona.com
1	winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com	secure.bywinona.com
1	static.cloudflareinsights.com	secure.bywinona.com
1	themes.audemedia.com	secure.bywinona.com
0	bywinona.com Failed
0	app.clickfunnels.com Failed	secure.bywinona.com
0	track.addevent.com Failed	secure.bywinona.com
154	57

This site contains links to these domains. Also see Links.

Domain
clickfunnels.com
app.bywinona.com
bywinona.com
wistia.com
legitscript.com
www.clickfunnels.com

Subject Issuer	Validity	Valid
secure.bywinona.com WE1	`2024-11-22` - `2025-02-20`	3 months	crt.sh
use.fontawesome.com WE1	`2024-11-07` - `2025-02-06`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
audemedia.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
fast.wistia.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
cloudflareinsights.com WE1	`2024-11-01` - `2025-01-30`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.s3-ap-southeast-1.amazonaws.com Amazon RSA 2048 M01	`2024-11-06` - `2025-10-23`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-07-30` - `2024-12-31`	5 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-06-25` - `2025-06-24`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2024-09-04` - `2025-09-04`	a year	crt.sh
welkdtkr.com Starfield Secure Certificate Authority - G2	`2024-03-07` - `2025-04-08`	a year	crt.sh
*.geniusmonkey.com Sectigo RSA Domain Validation Secure Server CA	`2024-04-18` - `2025-05-19`	a year	crt.sh
rtb123.com R11	`2024-10-26` - `2025-01-24`	3 months	crt.sh
zeeto.io WE1	`2024-11-19` - `2025-02-17`	3 months	crt.sh
*.xad.com Amazon RSA 2048 M02	`2024-03-05` - `2025-04-02`	a year	crt.sh
bywinona.com WE1	`2024-10-27` - `2025-01-25`	3 months	crt.sh
legitscript.com WE1	`2024-10-08` - `2025-01-06`	3 months	crt.sh
*.wistia.com Amazon RSA 2048 M02	`2024-01-01` - `2025-01-28`	a year	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.googleadservices.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
files1.cybba.solutions R11	`2024-11-20` - `2025-02-18`	3 months	crt.sh
t.co E5	`2024-09-28` - `2024-12-27`	3 months	crt.sh
*.twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-10-07` - `2025-10-06`	a year	crt.sh
*.google.ca WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.cybba.solutions Sectigo RSA Domain Validation Secure Server CA	`2024-06-17` - `2025-07-18`	a year	crt.sh
*.ip-api.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-21` - `2025-01-20`	a year	crt.sh
a.clarity.ms Microsoft Azure RSA TLS Issuing CA 08	`2024-06-23` - `2025-06-18`	a year	crt.sh
clickfunnels.com Cloudflare TLS Issuing ECC CA 1	`2024-11-15` - `2025-11-15`	a year	crt.sh
pipedream-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M03	`2024-08-11` - `2025-09-09`	a year	crt.sh
stats-tap-production-cloudfront-app-cname.wistia.com Amazon RSA 2048 M02	`2024-08-13` - `2025-09-11`	a year	crt.sh
*.sentry-cdn.com GlobalSign Atlas R3 DV TLS CA 2024 Q2	`2024-06-04` - `2025-07-06`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2024-02-14` - `2025-03-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://secure.bywinona.com/google-1
Frame ID: 54FCD3DFE1113F70024712E291932A11
Requests: 146 HTTP requests in this frame

Frame: https://monetize.zeeto.io/pixel/725473b6?ze=e3&zr=
Frame ID: A5A6732770597347CC1FA30DC74123A3
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsecure.bywinona.com
Frame ID: E5C0BCAD9606D12535065C541C7003A2
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/404708046?random=1732251551756&cv=11&fst=1732251551756&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 81AA6CBD1508955C8B7FEF501D3FBE35
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/404708046?random=1732251551793&cv=11&fst=1732251551793&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0
Frame ID: F34BC5E365B79D90234439CF1F9A4FA4
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16613637030?random=1732251551856&cv=11&fst=1732251551856&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9188688197z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1
Frame ID: 3A504C2C15E06C964B4F4188FFEBDF73
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/16593713869?random=1732251552834&cv=11&fst=1732251552834&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config
Frame ID: E69F32752BAC67C2BF19033E673393DB
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1
Frame ID: 74E74C788F8EE7BDDF305310EA676F08
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winona Wellness Center by Women, for Women

Page URL History Show full URLs

https://secure.bywinona.com/ HTTP 302
https://secure.bywinona.com/google-1 Page URL

Detected technologies

Sentry (Issue Trackers) Expand

Overall confidence: 100%
Detected patterns

<script[^>]*src="[^"]*browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js
browser\.sentry\-cdn\.com/([0-9.]+)/bundle(?:\.tracing)?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

ClickFunnels (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

<meta property="cf:app_domain" content="app\.clickfunnels\.com"

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css
owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

154
Requests

94 %
HTTPS

52 %
IPv6

35
Domains

57
Subdomains

48
IPs

3
Countries

3700 kB
Transfer

9267 kB
Size

53
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://clickfunnels.com/?aff_sub=paused_modal
Title: Learn more

Search URL Search Domain Scan URL

URL: https://app.bywinona.com/eligibility
Title: Start My Free Visit

Search URL Search Domain Scan URL

URL: https://bywinona.com/treatments
Title: Explore Treatments

Search URL Search Domain Scan URL

URL: https://bywinona.com/health-quiz
Title: Take Quiz

Search URL Search Domain Scan URL

URL: https://bywinona.com/winona-reviews
Title: READ MORE REVIEWS

Search URL Search Domain Scan URL

URL: https://wistia.com/?utm_type=player&utm_campaign=wistia-branding&utm_medium=referral&utm_source=wistia&about=1423006

Search URL Search Domain Scan URL

URL: https://bywinona.com/webinar
Title: Attend Live Webinar

Search URL Search Domain Scan URL

URL: https://bywinona.com/journal/hormonal-weight-gain-how-to-control-it
Title: HORMONAL WEIGHT GAIN AND HOW TO CONTROL IT

Search URL Search Domain Scan URL

URL: https://bywinona.com/journal/how-hormones-cause-symptoms-as-we-age
Title: HOW HORMONES CAUSE SYMPTOMS AS WE AGE

Search URL Search Domain Scan URL

URL: https://legitscript.com/

Search URL Search Domain Scan URL

URL: https://www.clickfunnels.com/?aff_sub2=badge&aff_sub=not_paid

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://secure.bywinona.com/ HTTP 302
https://secure.bywinona.com/google-1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://pm.geniusmonkey.com/gm.png?id=226606161&pv=undefined&qs=&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&r=&cbgm=1732251551998 HTTP 302
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

Request Chain 98

https://pm.geniusmonkey.com/gm.png?id=226606162&pv=undefined&qs=&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&r=&cbgm=1732251551999 HTTP 302
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&eitems=ChAIgNH7uQYQ8oG84-Dblb8xEh0AOg6El5oXzBMM6d6RckgYv3js4mjUqn3OlCIB4A&pscrd=IhMIhYat85PviQMVmxVoCB135xEIMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NlY3VyZS5ieXdpbm9uYS5jb20vQlhDaEVJZ05IN3VRWVEydl9aa09UUDNkMkpBUkl0QUdhT1NlalJrbEhTUXNwa1E0SWJMMTB6VGNvMmQ2Nk9ob015OWRtQVl6LXdRYzZIeVdEazYzTUZSTE1Y HTTP 302
https://www.google.com/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhYat85PviQMVmxVoCB135xEIMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NlY3VyZS5ieXdpbm9uYS5jb20vQlhDaEVJZ05IN3VRWVEydl9aa09UUDNkMkpBUkl0QUdhT1NlalJrbEhTUXNwa1E0SWJMMTB6VGNvMmQ2Nk9ob015OWRtQVl6LXdRYzZIeVdEazYzTUZSTE1Y&is_vtc=1&cid=CAQSKQCa7L7dWCTqLi5hDGfO0k7UYP1fE08_VwHWz_rG3atkucL_U0a00OK_&eitems=ChAIgNH7uQYQ8oG84-Dblb8xEh0AOg6ElxUn92ICX64ce6yctr2tVBcM0mO000oPMg&random=2071919221 HTTP 302
https://www.google.ca/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhYat85PviQMVmxVoCB135xEIMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NlY3VyZS5ieXdpbm9uYS5jb20vQlhDaEVJZ05IN3VRWVEydl9aa09UUDNkMkpBUkl0QUdhT1NlalJrbEhTUXNwa1E0SWJMMTB6VGNvMmQ2Nk9ob015OWRtQVl6LXdRYzZIeVdEazYzTUZSTE1Y&is_vtc=1&cid=CAQSKQCa7L7dWCTqLi5hDGfO0k7UYP1fE08_VwHWz_rG3atkucL_U0a00OK_&eitems=ChAIgNH7uQYQ8oG84-Dblb8xEh0AOg6ElxUn92ICX64ce6yctr2tVBcM0mO000oPMg&random=2071919221&ipr=y

Request Chain 132

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&RedC=c.clarity.ms&MXFR=1B9CC229C07E69000A91D716C47E67CD HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&MUID=26A50DFF219C61F118E718C0204A6063

Request Chain 135

https://insight.adsrvr.org/track/up?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1 HTTP 302
https://match.adsrvr.org/track/upb/?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1

154 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request google-1 Show response
secure.bywinona.com/
Redirect Chain

https://secure.bywinona.com/
https://secure.bywinona.com/google-1

204 KB
28 KB

219ms
219ms

Document
text/html

2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 156733bf5683ef44655ddc848f0e5d608570e158d20ab8e3fbd3d766cea7add7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=60, public, s-maxage=600, r-maxage=10
cf-cache-status: HIT
cf-ray: 8e6659376ee74315-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 04:59:09 GMT
last-modified: Sat, 10 Jun 2023 03:17:13 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="HIT"
status: 200 OK
vary: Accept-Encoding
x-content-digest: 41af095a7c251b14756e6c59cd1b79a04bd1a7be
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: stale, valid, store
x-request-id: 3af4f400-f49b-4b31-9654-0eef1d42d566
x-runtime: 0.376906

Redirect headers

access-control-allow-origin: *
access-control-request-method: *
cache-control: no-cache, no-store
cf-cache-status: BYPASS
cf-ray: 8e665934bc2a4315-EWR
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 04:59:09 GMT
location: https://secure.bywinona.com/google-1
pragma: no-cache
server: cloudflare
server-timing: cfCacheStatus;desc="BYPASS"
status: 302 Found
vary: Accept-Encoding
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: e42634ef69867a8c1f8560875047f4e4
x-runtime: 0.154201

GET
H2 200 lander.css
secure.bywinona.com/assets/ 425 KB
82 KB 247ms
241ms Stylesheet
text/css 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/assets/lander.css
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0f3de2aa55d94a81494a0e4b786df4229d2af8601902c797076aa5b572bfb24

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

cache-control: public, max-age=1200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673f6e6e-6a52c"
age: 906
cf-ray: 8e665938dff14315-EWR
expires: Fri, 22 Nov 2024 05:19:09 GMT
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: text/css
last-modified: Thu, 21 Nov 2024 17:31:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 605ms
174ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
age: 1195319
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gALfUSc%2FuCpyAfArx48im3ePU8DTSfEahUPbdVHjg6M4R9YTTs8jYUaTShApjxchUe2OoqMxbb%2BtsROHmcE%2FKB23wFAYRD4EIWyBmujd2jjf6qhzk0hnJ8l4qVKC4%2B6%2B0oTkbtxltn12OY02umF%2B%2Bfbl"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e66593b8f190f45-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17739&sent=14&recv=7&lost=0&retrans=0&sent_bytes=9130&recv_bytes=2283&delivery_rate=229807&cwnd=254&unsent_bytes=0&cid=e164e44353d12afa&ts=221&x=0"
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 v4-shims.css
use.fontawesome.com/releases/v5.9.0/css/ 26 KB
5 KB 604ms
174ms Stylesheet
text/css 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/v4-shims.css
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
age: 1189588
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KqLflgtMZzNywIQqTbImmJV7MxkOdB01JefzF6fpG8bBG1qeswgP3xHyp1lSyKRbLDaYU7MIFljvBDbZrCEcLphYWTlJfZRsXqz7DcmtXIb%2BZ3%2BPf84OirtH6EBts4hhO12GxzEOZ8u4epyTu8lUFQh2"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e66593b8f1a0f45-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17739&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4012&recv_bytes=2283&delivery_rate=229807&cwnd=254&unsent_bytes=0&cid=e164e44353d12afa&ts=220&x=0"
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/css
last-modified: Fri, 22 Sep 2023 01:46:02 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 56 KB
4 KB 608ms
180ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17c34655fce786775ef841e0cf3550c14d9bb3dec6530095afbc2ae7945ef81e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 04:59:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 04:05:35 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 application.js Show response
secure.bywinona.com/assets/userevents/ 5 KB
2 KB 107ms
104ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/assets/userevents/application.js
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

cache-control: public, max-age=1200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673f6e6e-147c"
age: 1142
access-control-allow-methods: POST, GET, OPTIONS
cf-ray: 8e66593d1bc54315-EWR
expires: Fri, 22 Nov 2024 05:19:10 GMT
access-control-allow-origin: *
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/x-javascript
last-modified: Thu, 21 Nov 2024 17:31:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/assets/ 3 KB
1 KB 484ms
211ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/assets/owl.carousel.min.css

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03cf0-b78"
age: 817486
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LSJF%2Fvc%2B7nHuBaIUSFz29hHlnVrMgBXyGQE5tbqygQrs2JKM%2BGPCbowxk4X6E%2BQi83FkWI1dx%2BS8rSwzTQSBfmM0%2BUcFblgyiZ48ohI6WWTVBAiN%2BkMzlCKB6Z8XkCp%2FB2n%2FaOrNRnNL2GYMkvYpAD1E"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 04:59:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: text/css; charset=utf-8
last-modified: Mon, 04 May 2020 16:04:00 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e66593a6d3d43bd-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 712
server: cloudflare

GET
H2 200 owl.theme.default.min.css
themes.audemedia.com/html/goodgrowth/css/ 1 KB
1 KB 619ms
186ms Stylesheet
text/css 2606:4700:3036::6815:1955
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://themes.audemedia.com/html/goodgrowth/css/owl.theme.default.min.css

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:1955 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1f15f13ac2b9e5a71e71035f928052ed83e67d1e5e36ed6a8c81fd886dcb1a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"421-569f69e6-fb96c;br"
age: 1040
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nJBR8WK0xJw60ys4oX9n7g4OMPMuGyLXxtgLbOt%2BvuOxHFZ7kanhBWtQMu4vzitUOJ8vKTd5lftEdgLiYOp%2BIuyP4hx%2B9eiUfsLiG8qootKg4ddlTwhPlP%2BvWAf19UT5TephXFXy7mmzrYdh1BZauZna%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires: Wed, 20 Nov 2024 10:31:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=18312&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4036&recv_bytes=2225&delivery_rate=223524&cwnd=254&unsent_bytes=0&cid=ae0d7fbb80875354&ts=225&x=0"
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/css
last-modified: Wed, 20 Jan 2016 11:05:10 GMT
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cache-control: public, max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e66593b98727cae-EWR
x-turbo-charged-by: LiteSpeed
server: cloudflare

GET
H2 200 4zczthhrce.jsonp Show response
fast.wistia.com/embed/medias/ 10 KB
4 KB 312ms
190ms Script
application/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/4zczthhrce.jsonp

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

10395cb0998d2e638b426209f0c361d6694d751d96b1547d594e7593a6199e66

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-request-id: cb3cfdd2-fc40-47e3-a18b-d69f55884fdc
content-encoding: br
etag: W/"10395cb0998d2e638b426209f0c361d6"
age: 30696
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, MISS
x-amz-cf-id: rdU12-xy6NynSRhpasMhX3GbQAHbQI_DP-ggsEJCyMHlPt2rZmi0mA==
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000079-IAD, cache-yyz4521-YYZ
x-runtime: 0.083471
x-cache-hits: 1, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 85
x-timer: S1732251550.344945,VS0,VE20
via: 1.1 615fb4121a4d8bc094d80720dc4d32b2.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3212
x-amz-cf-pop: IAD61-P4
server: envoy

GET
H2 200 58kkg9cpad.jsonp Show response
fast.wistia.com/embed/medias/ 14 KB
6 KB 310ms
189ms Script
application/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/58kkg9cpad.jsonp

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

0ed1e559090da837699d0bed4f0cd9a5555010b3b4bfe773fdcc9ce146f051a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-request-id: dfc477e6-0453-48ab-9cca-67f95235112b
content-encoding: br
etag: W/"0ed1e559090da837699d0bed4f0cd9a5"
age: 30696
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, MISS
x-amz-cf-id: 6Ojac-LpZs-sDvs1bbhELbFTO9Ykh_vfzA4Dh7TmiGcxJiIoKGm5Rw==
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kiad7000179-IAD, cache-yyz4521-YYZ
x-runtime: 0.085993
x-cache-hits: 10, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 87
x-timer: S1732251550.344928,VS0,VE19
via: 1.1 0431e23c0344851eeb0c8f1f10c6edc4.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5185
x-amz-cf-pop: IAD61-P4
server: envoy

GET
H2 200 E-v1.js Show response
fast.wistia.com/assets/external/ 842 KB
144 KB 161ms
40ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/E-v1.js

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f9ea519bc110d0ca5575af9d9bac96b65e553e446c23a1bd20b61beae2734774

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
etag: "8ca8e628a68e1e302caf81509e47ab32"
age: 1830
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:10 GMT
last-modified: Thu, 21 Nov 2024 21:27:47 GMT
x-served-by: cache-iad-kjyo7100034-IAD, cache-yyz4521-YYZ
x-cache-hits: 19, 84
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251550.344983,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 146652
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/ 85 KB
27 KB 486ms
214ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03ec4-15283"
age: 116718
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHoPMRBBEkRayF5sSZ0eDNllDaU0AstUij3zeBIi6KkY%2FPB7U0R6BdnPSlEP0%2BXzeXKRQtNr7%2B2l1B3A8Rj5htMYXJ%2BRUrMcqwlV9i%2FvKUZxmLF13zvhKRbOGObFHI8v5%2F7twoB8ZVtaHDOi4jOMCSdN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 04:59:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:11:48 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e66593a6d3f43bd-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27277
server: cloudflare

GET
H3 200 owl.carousel.min.js Show response
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/ 42 KB
10 KB 616ms
343ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.2.1/owl.carousel.min.js

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5eb03cf0-a70e"
age: 124164
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S0E64qgP5a8RsArb61%2BwReDKikBI4ZHMZY0pVAKNndJvEOF4OXvsGIcpFgQa7QSAUchi80xDGlpmLKgIcJTwOwz8KIPnxCiofRucNwYpgCteU3VIz59Yh19732z4gZHQ9vNUQwo2T83fp8mDPhewz2vN"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 12 Nov 2025 04:59:09 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 04 May 2020 16:04:00 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e66593a6d4343bd-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9719
server: cloudflare

GET
H2 200 shield-icon.svg
secure.bywinona.com/hosted/images/4d/d7d0c4c10a4c6fbff4f0e77cd839e9/ 2 KB
912 B 630ms
627ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/4d/d7d0c4c10a4c6fbff4f0e77cd839e9/shield-icon.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f501555fd323da0a4b92f5cdeb803d183108382b6474e907b7f02b0b2807642a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"d22735dfd3eb6c4620419a93dc9f59a1"
cf-ray: 8e665938f8074315-EWR
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:30:55 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 hand-icon.svg
secure.bywinona.com/hosted/images/a3/f8b35114b44cc2be2948fb747f885d/ 4 KB
2 KB 631ms
628ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/a3/f8b35114b44cc2be2948fb747f885d/hand-icon.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c8addf87a0f618eb2667f655f4f3032c76592cfe3c41752f7e5bff10667f14a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"4cb3d13cf54b49080d4b2f18b6b1c904"
cf-ray: 8e665938f8094315-EWR
date: Fri, 22 Nov 2024 04:59:09 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:30:56 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 shipping-box-icon.svg
secure.bywinona.com/hosted/images/19/1805ec7be44b72b2dcf30ced26f238/ 954 B
548 B 725ms
724ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/19/1805ec7be44b72b2dcf30ced26f238/shipping-box-icon.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0cd4930a18f333e0d24cab89dd9d28d0ea8de8f0a7ee4b2f129ea35d90dfd6e5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"3dc1338863bc02e27c83e17cd3b7b5e8"
cf-ray: 8e66593cbb704315-EWR
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:30:56 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 pause-or-cancel-icon.svg
secure.bywinona.com/hosted/images/7e/710bb865cd41aa97f6b25ef6ef5ef3/ 2 KB
854 B 887ms
886ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/7e/710bb865cd41aa97f6b25ef6ef5ef3/pause-or-cancel-icon.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 695a59749e55f42dd1725fc088f71b3fe1f201a45ec511a2c116b09d56b68719

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"44ee3fd8830048c57b31e3457e7ea91c"
cf-ray: 8e66593d1bc24315-EWR
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:30:55 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 healthcare-icon.svg
secure.bywinona.com/hosted/images/f4/94328dad194754bb2fe2edc2034d1a/ 1019 B
600 B 685ms
680ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/f4/94328dad194754bb2fe2edc2034d1a/healthcare-icon.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 026809f4b65e06bcdd4774e0d1cfd6c1dd604327d977596694ebf2855c7fcdfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"411de7aa8eb3ad98ff2c0ddfcaef00e0"
cf-ray: 8e66593d1bc34315-EWR
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:30:54 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 css
fonts.googleapis.com/ 4 KB
800 B 66ms
61ms Stylesheet
text/css 2607:f8b0:4006:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Atten+New+sans-serif%7CRoboto%7CAtten+New+sans-serif%7CMontserrat%7C

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ecf11aca5daf62f8506adf2934e052d8450ffea7ba3f978015f4532f09d3ff01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 22 Nov 2024 04:59:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 22 Nov 2024 04:59:10 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 lander.js Show response
secure.bywinona.com/assets/ 2 MB
736 KB 119ms
116ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/assets/lander.js
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6050c17b5ff5c36dea39c82caf37d6c525d36bed9f615e8c36220bb56580a22f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

cache-control: public, max-age=1200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673f6eaf-2388bc"
age: 1143
cf-ray: 8e66593d1bc44315-EWR
expires: Fri, 22 Nov 2024 05:19:10 GMT
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/x-javascript
last-modified: Thu, 21 Nov 2024 17:32:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 ClickfunnelsTag.png
secure.bywinona.com/hosted/images/3d/392630953c4119a324492bb1c05778/ 9 KB
9 KB 104ms
102ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/3d/392630953c4119a324492bb1c05778/ClickfunnelsTag.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9522e36418c8c475c7ef99b1bc2e650fc366cc49dc74c87af37e61a81afd5901

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: HIT
etag: "a633777156a5ffeb58c92d3d59fa4e34"
age: 6890
cf-bgj: imgq:85,h2pri
cf-ray: 8e66593d1bc74315-EWR
accept-ranges: bytes
cf-polished: origSize=9030
content-length: 8721
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: image/png
last-modified: Fri, 03 Jan 2020 17:41:49 GMT
vary: Accept, Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 pushcrew.js Show response
secure.bywinona.com/assets/ 637 B
444 B 115ms
113ms Script
application/x-javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/assets/pushcrew.js
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

cache-control: public, max-age=1200
content-encoding: gzip
cf-cache-status: HIT
etag: W/"673f6e6e-27d"
age: 1126
cf-ray: 8e66593d1bc84315-EWR
expires: Fri, 22 Nov 2024 05:19:10 GMT
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/x-javascript
last-modified: Thu, 21 Nov 2024 17:31:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 316ms
136ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

cache-control: public, max-age=86400
content-encoding: gzip
etag: W/"2024.6.1"
cross-origin-resource-policy: cross-origin
cf-ray: 8e66593e3fa0de93-EWR
access-control-allow-origin: *
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 351 KB
110 KB 323ms
142ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7906b715621d83a00b09188cba089f2b80a9120ea8727ab9c7570fce5c0694d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 22 Nov 2024 04:59:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 112204
x-xss-protection: 0
server: Google Tag Manager

GET
DATA 200
OK truncated
/ 26 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/png

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ 29 KB
29 KB 266ms
125ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://fonts.googleapis.com/

Response headers

age: 5339
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 03:30:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 03:30:11 GMT
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 29752
x-xss-protection: 0
server: sffe

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ 34 KB
34 KB 282ms
142ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://fonts.googleapis.com/

Response headers

age: 9311
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 22 Nov 2025 02:23:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 02:23:59 GMT
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 34852
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 246ms
107ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://fonts.googleapis.com/

Response headers

age: 590536
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sat, 15 Nov 2025 08:56:54 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 15 Nov 2024 08:56:54 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 74 KB
74 KB 347ms
144ms Font
font/woff2 2606:4700:3036::6815:1b98
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1b98 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css

Response headers

cf-cache-status: MISS
etag: "b5cf8ae26748570d8fb95a47f46b69e1"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naDE5mjA24hMqMj2WZ8x92KJQc8F6jKj8DuVy7F%2BGykCusXesrtJHt04Ua2oKiBPBj%2BwGKfOmnKkd11M6%2Fgp2zEVg4Och%2F3KtCFr6MlY0wmHa9cuFIXX5rozryNx%2FEoYASJwQka42ldfVYun23Ibx1%2Fh"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=17075&sent=6&recv=7&lost=0&retrans=0&sent_bytes=4033&recv_bytes=2222&delivery_rate=239971&cwnd=254&unsent_bytes=0&cid=24d8022c0d4089f0&ts=158&x=0"
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: font/woff2
last-modified: Fri, 22 Sep 2023 01:46:05 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31556926
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e66593eaa414414-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 75440
server: cloudflare

GET
H/1.1 200
OK attennewregular.woff
winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com/font/ 42 KB
42 KB 1441ms
403ms Font
application/font-woff 3.5.151.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com/font/attennewregular.woff
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.5.151.180 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-r-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 75f591f96b4115b1e2cef4933628c5d568b7cddb3a2a4a42252dba641c19cc0f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

ETag: "46df26d7f352e4663697d05d274f21ae"
Access-Control-Allow-Methods: GET, HEAD, PUT, POST, DELETE
x-amz-request-id: HFMB0APT17BSAEZK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 42856
Date: Fri, 22 Nov 2024 04:59:12 GMT
Last-Modified: Mon, 24 Jan 2022 07:44:31 GMT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Server: AmazonS3
Content-Type: application/font-woff
x-amz-id-2: G8kUUhckJD8lEkE05+9Fsf0kOC77C5VFk85PKFnk+lsQ/QzBa0JzmtGdzPiP1o/j51gBT/VlUHMHviofQDLIXg==

GET
H2 200 hatton.woff
d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/986444/ 30 KB
30 KB 726ms
486ms Font
application/font-woff 2600:9000:28b2:a600:f:17d2:4240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2saw6je89goi1.cloudfront.net/uploads/digital_asset/file/986444/hatton.woff
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:28b2:a600:f:17d2:4240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8a76046a37f69c1cd9542ced7aea76e1008d79bc6c44555a6cf6b1b90a92542e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

access-control-max-age: 3000
cache-control: max-age=31536000
etag: "7dcd8fe63907be14f1d14b3a83458632"
access-control-allow-methods: GET
via: 1.1 9f575b6f0217c33f22e6da5419974422.cloudfront.net (CloudFront)
accept-ranges: bytes
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 30320
x-amz-cf-id: Eko09ejtO_YcVH_PX2MIUJF90V8A3YgAfME6lgbu_Htxom0c4VE2Eg==
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/font-woff
last-modified: Thu, 27 Jan 2022 05:50:28 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P8

GET
H2 200 btn-arrow-right.svg
secure.bywinona.com/hosted/images/bf/9e22706eae49d2add10be626bb2ad3/ 221 B
286 B 595ms
594ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/bf/9e22706eae49d2add10be626bb2ad3/btn-arrow-right.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661af507d7ef77b9c68d8e3a5afffcb3e0f55a43e73f15bb75e10ec76bc4f26e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"7b232005618f0829118c75b624048695"
cf-ray: 8e66593d8c3b4315-EWR
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: image/svg+xml
last-modified: Wed, 09 Mar 2022 07:17:56 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

POST
H3 200 collect
www.google.com/ccm/ 0
0 938ms
161ms Ping
text/plain 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/ccm/collect?en=page_view&dl=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&scrsrc=www.googletagmanager.com&frm=0&rnd=1211683474.1732251551&auid=1065174452.1732251551&npa=0&gtm=45He4bk0v831011745za200&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tft=1732251550837&tfd=2178&apve=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
93 KB 368ms
368ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-404708046&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f8807e6c77fbc5b04ec51260854bf0e5cc43741f9deeb3a155459d54a27c7987

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 22 Nov 2024 04:59:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94886
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1372602/ 71 KB
22 KB 962ms
172ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecbbde11ff3f17cd82fe6d7776037f44ee3946073bfef95378f0dc9b17b7415d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
etag: "cfc79f5e8ac0d48bc81889a4f53a285f"
x-amz-version-id: jYbFUXcMQkrbTmXIJORvcomh_Xq7mK09
age: 0
x-cache: HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
last-modified: Sun, 17 Nov 2024 11:03:07 GMT
x-served-by: cache-yul1970038-YUL
x-cache-hits: 0
content-type: application/javascript; charset=utf-8
x-amz-id-2: kuh12eN1c7sAsVjVZODnNSXd57sK+OCvq9P9XKP87FexDskI67XPbkGs06Om/ZZrZ1Pl8kbf2oQ=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14401
x-timer: S1732251552.655384,VS0,VE76
via: 1.1 varnish
x-amz-request-id: 9C7B28S4586K1JS6
accept-ranges: bytes
access-control-allow-origin: *
abp: 38
content-length: 22036
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 31 KB
10 KB 959ms
148ms Script
application/x-javascript 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Cache-Control: max-age=1200
Content-Encoding: gzip
ETag: "6d3071e7937674c226546116c276cfec:1731942406.457597"
Connection: keep-alive
Expires: Fri, 22 Nov 2024 05:19:11 GMT
Accept-Ranges: bytes
X-CC: CA
Content-Length: 9328
X-RG: NA
Date: Fri, 22 Nov 2024 04:59:11 GMT
Content-Type: application/x-javascript
Last-Modified: Mon, 18 Nov 2024 08:29:07 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 57 KB
16 KB 948ms
152ms Script
application/javascript 146.75.32.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.32.157 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

vary: Accept-Encoding,Host
cache-control: no-cache
content-encoding: gzip
etag: "4328e910de583ad53b3a7a76455af005+gzip"
accept-ranges: bytes
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-length: 15926
date: Fri, 22 Nov 2024 04:59:11 GMT
x-tw-cdn: FT
last-modified: Mon, 28 Oct 2024 20:49:35 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-iad-kjyo7100077-IAD
x-amz-server-side-encryption: AES256

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 285 KB
98 KB 376ms
375ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-16613637030&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ed105cff5f1772ca4ec0f4e6175ac2f7e9f69da03d176ca8259e53210031188d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 22 Nov 2024 04:59:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:10 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 100434
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 i4ecmmn6rh Show response
www.clarity.ms/tag/ 689 B
1 KB 1012ms
83ms Script
application/x-javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/i4ecmmn6rh
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 11c36db93cff1537401a6746864e14c6bce12c76f23bef1237d1f3b70712b073

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-cache, no-store
request-context: appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
expires: -1
accept-ranges: bytes
x-cache: CONFIG_NOCACHE
content-length: 689
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/x-javascript
x-azure-ref: 20241122T045911Z-r1d48674995mxl4zhC1YMQhxxw00000000qg0000000096hh

GET
H2 200 everflow.js Show response
www.welkdtkr.com/scripts/sdk/ 31 KB
9 KB 956ms
129ms Script
text/javascript 34.117.40.88
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.welkdtkr.com/scripts/sdk/everflow.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.40.88 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 88.40.117.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e77381a3268bdf34ef744569ebb9f46036be9310e3a03d8a6c6675a4e49ad155

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: max-age=14400
content-encoding: gzip
accept-ch: Sec-Ch-Ua-Platform-Version,Sec-Ch-Ua-Model
via: 1.1 google
x-eflow-request-id: 4bb809bf-9307-475e-90ce-f251c2da0775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: text/javascript
vary: Origin
server: nginx

GET
H2 200 gm.js Show response
pm.geniusmonkey.com/ 6 KB
6 KB 1079ms
230ms Script
text/javascript 34.117.190.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://pm.geniusmonkey.com/gm.js?id=1028351688&z=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.190.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.190.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: fc69d8bcedfcec6176b0c92180b87567868e03fdcd5845d4d295aec4b8794e85

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: text/javascript;charset=utf-8
server: Google Frontend

GET
H2 200 btp.js Show response
www.rtb123.com/tags/0E3DCAC5-AD37-025A-024D-3D97D671892D/ 3 KB
1 KB 934ms
127ms Script
application/javascript 67.225.220.126
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rtb123.com/tags/0E3DCAC5-AD37-025A-024D-3D97D671892D/btp.js
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 67.225.220.126 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.rtb123.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c17630b891f710ddcc916b4e2b124489b25a87f5a0d33a819d873ae900e451aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
etag: "08672e7d8db1:0"
accept-ranges: bytes
x-powered-by-plesk: PleskWin
access-control-allow-origin: *
content-length: 1171
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript
last-modified: Mon, 16 Sep 2024 21:12:48 GMT
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 725473b6
monetize.zeeto.io/pixel/ Frame A5A6 0
0 1240ms
453ms Document
text/html 2606:4700:10::6816:2971
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://monetize.zeeto.io/pixel/725473b6?ze=e3&zr=

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:2971 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e6659460c494276-EWR
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 22 Nov 2024 04:59:12 GMT
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-decorator-operation: voldemort.zan-prod.svc.cluster.local:8080/*
x-envoy-upstream-service-time: 0
x-xss-protection: 1; mode=block

GET
H2 200 /
p.xad.com/ 161 B
498 B 960ms
149ms Image
image/png 108.138.106.62
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.xad.com/?id=273392&sid=7653044&ts=1732251550846&gtmcb=962249692
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.106.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-106-62.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a5a47c83114f65dc9fd38cdf422e2eeded555162d7a1993bd336dd0dc8eb271

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

etag: "b7bd7ea7347b06d753cce0caf6995c72"
age: 19374
via: 1.1 6741f9acf28bc52b25f06e9986a71e26.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 161
x-amz-cf-id: a1qoRPO--3HM_bHI2wrZPr7m9zNORVO5CVbbx4lRj9m1NEM0zRX_ww==
date: Thu, 21 Nov 2024 23:36:18 GMT
content-type: image/png
last-modified: Wed, 09 Mar 2022 06:25:55 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
vary: accept-encoding

GET
H2 200 sw_iframe.html
www.googletagmanager.com/static/service_worker/4bj0/ Frame E5C0 0
0 912ms
142ms Document
text/html 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/static/service_worker/4bj0/sw_iframe.html?origin=https%3A%2F%2Fsecure.bywinona.com

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 1476
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 04:59:11 GMT
expires: Sat, 22 Nov 2025 04:59:11 GMT
last-modified: Tue, 19 Nov 2024 10:38:00 GMT
report-to: {"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server: sffe
service-worker-allowed: /static/service_worker
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 vendor.js Show response
secure.bywinona.com/ 18 KB
6 KB 546ms
545ms Script
application/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/vendor.js
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
x-request-id: fddff21749f28b0226bdd22d98d0b53a
cache-control: max-age=900, public
content-encoding: br
cf-cache-status: REVALIDATED
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
x-rack-cache: miss, store
cf-ray: 8e66594259054315-EWR
status: 200 OK
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript
vary: Accept-Encoding
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-runtime: 0.022360
x-powered-by: Phusion Passenger Enterprise 6.0.7

GET /
track.addevent.com/atc/ 0
0

OPTIONS
H2 530 clickfunnels
stagingapi.bywinona.com/ Frame 0
0 812ms
153ms Preflight
text/html 2606:4700:3037::6815:883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stagingapi.bywinona.com/clickfunnels

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://secure.bywinona.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 8e665946e8e70f93-EWR
content-length: 6229
content-type: text/html; charset=UTF-8
date: Fri, 22 Nov 2024 04:59:11 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kRzRXF4NJ%2Br6jyi9UaDU%2FspXTRLiXl7GbvRE0JezfOtQnROOkZgjswadBWFGlxXfzMAdihGsU0Z7iNz427gh6ak9AH1D0feuGpHYJ52O00t%2F6bQwiUtez%2BGU%2BFI%2Fbz5wHxn2DDP6py5ak%2BCM7l1F0%2F8lVTL6HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=21966&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4078&recv_bytes=2355&delivery_rate=192561&cwnd=255&unsent_bytes=0&cid=4bbe58c84c1f06ca&ts=262&x=0"
x-frame-options: SAMEORIGIN

GET /
app.clickfunnels.com/userevents/ 0
0

POST clickfunnels
stagingapi.bywinona.com/ 0
0

GET
H3 200 / Show response
proxy.bywinona.com/ 358 B
931 B 669ms
149ms Script
application/javascript 2606:4700:3037::6815:883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://proxy.bywinona.com/?url=https://static.legitscript.com/seals/8131176.js&_=1732251551121
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/assets/lander.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:883 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eedfa5a3721da1ef7bb3ecae5b1ca569bfa9e66aa6a85363f96b70d3cbc76dfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: 2592000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"673fd81a-166"
age: 6677
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rRaQKC8qVHzDU349pQRKhmcCkgwpWjrRjvJpV1jy8VTdJnhaAq%2FgB0899IGyoHlNw%2BuSLLoXGJ4wL2%2FtKd%2FlZBqnZP2nCc4Y2F6deMEePTcUW0lDTfrOV65xUdds0NlweyNDovT2TGu1PhiNz5HiF28%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e665945e8377288-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=365950&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4245&recv_bytes=5475&delivery_rate=9284&cwnd=12000&unsent_bytes=0&cid=e84b5c1dc0808c94&ts=413&x=1", cfHdrFlush;dur=0
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript
last-modified: Fri, 22 Nov 2024 01:02:18 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 sleep-disruptions-icon.png
secure.bywinona.com/hosted/images/6b/4867e806be463b97fc348a3b25aa1b/ 3 KB
3 KB 538ms
533ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/6b/4867e806be463b97fc348a3b25aa1b/sleep-disruptions-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab81e2510fa17954c2f46cda1b96ab611c03d80b01e5a24fc5f6204d2d25cff9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "053ac3f8fe58056298e78ecf552f2d9b"
cf-ray: 8e66594309b34315-EWR
accept-ranges: bytes
content-length: 2707
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 low-libido-icon.png
secure.bywinona.com/hosted/images/64/fb43605f3348b4a4ebb9bd5cf52945/ 3 KB
3 KB 561ms
556ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/64/fb43605f3348b4a4ebb9bd5cf52945/low-libido-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53f788ed832f99253f455ba04668e192fcb4b2169fe7b3002882a03d094e0ae0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "6b7416bab20dff305d7de79c3a3e842f"
cf-ray: 8e66594309b54315-EWR
accept-ranges: bytes
content-length: 2644
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 anxiety-icon.png
secure.bywinona.com/hosted/images/70/a1c8e3b41b42c4a3d0cfe54c5e3943/ 3 KB
3 KB 654ms
649ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/70/a1c8e3b41b42c4a3d0cfe54c5e3943/anxiety-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce4713849d78c0738610568972ecebeb8eb8e62b5bc779a962930509a5807cf1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "dc80b90a20064e7cb9016904c784fb9f"
cf-ray: 8e66594309b64315-EWR
accept-ranges: bytes
content-length: 2975
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 night-sweats-icon.png
secure.bywinona.com/hosted/images/cb/813039eab44184b9c0dd4245718e0f/ 2 KB
3 KB 545ms
541ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/cb/813039eab44184b9c0dd4245718e0f/night-sweats-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c0c89040b747a9706e1c41055d4fb36e939a1d31c6ef19fec964b67ace97f91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "625c97ad5ee6f7d4555d03d1358af29a"
cf-ray: 8e66594309b84315-EWR
accept-ranges: bytes
content-length: 2475
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 mood-swings-icon.png
secure.bywinona.com/hosted/images/cb/0ea531eb3349c49aa53a5fa724ef4c/ 3 KB
3 KB 546ms
542ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/cb/0ea531eb3349c49aa53a5fa724ef4c/mood-swings-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37947ef5beff1b69d4fb1f3bcc12a62941e2245685824b00b06f2be97fc40ef7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "52008e9f5f793a705f9444e88c6ed5e4"
cf-ray: 8e66594309ba4315-EWR
accept-ranges: bytes
content-length: 2663
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:59 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 skin-changes-icon.png
secure.bywinona.com/hosted/images/64/60cf47e1dc4425b5bdf00672e45e8e/ 2 KB
2 KB 545ms
541ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/64/60cf47e1dc4425b5bdf00672e45e8e/skin-changes-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f32df7e551db7b61e5a7eb1b3b5064a32960109c9fca02e0aadc607d8e12833

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "4c3e540504c0eba23141211fe85a48a8"
cf-ray: 8e66594309bb4315-EWR
accept-ranges: bytes
content-length: 2438
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 low-energy-icon.png
secure.bywinona.com/hosted/images/4c/504e574e1b417cbe0e95f92cf0218e/ 2 KB
2 KB 542ms
539ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/4c/504e574e1b417cbe0e95f92cf0218e/low-energy-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bece930de6f9ca43f53f17d7b71e9b7bb9687370f18a7a010df22f2b6294f23a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "a8e7c3ff221a7f729225f870790ea6dc"
cf-ray: 8e66594309bc4315-EWR
accept-ranges: bytes
content-length: 2316
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 hot-flashes-icon.png
secure.bywinona.com/hosted/images/31/67f239c70649d58d3000492de49c48/ 3 KB
3 KB 547ms
544ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/31/67f239c70649d58d3000492de49c48/hot-flashes-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7102c43027122899b2181135e0db342953478de7c991a8bbd8f4c64ebdad56da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "cedaf34e904348c9de3ecdc7b6a71783"
cf-ray: 8e66594309bd4315-EWR
accept-ranges: bytes
content-length: 2701
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:59 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 fatigue-icon.png
secure.bywinona.com/hosted/images/47/1e04c46c94417a9a4110f975d4bfa8/ 2 KB
2 KB 536ms
533ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/47/1e04c46c94417a9a4110f975d4bfa8/fatigue-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eaa4c1099c55645f51cdb78ab5378cded2bc4c3276f181a3f97b5baa896b812

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "e8f33386d88a024963fc8d087fba55a3"
cf-ray: 8e66594309be4315-EWR
accept-ranges: bytes
content-length: 2156
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 vaginal-dryness-icon.png
secure.bywinona.com/hosted/images/4f/fe17357d294c8d8dce4dad0b530953/ 3 KB
3 KB 531ms
528ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/4f/fe17357d294c8d8dce4dad0b530953/vaginal-dryness-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9c5add388727e1a07d7b9d6a8e9396c63cc2a73347448962b88f3c58a15b03b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "404cef4c3cd19848cab823a136df83c2"
cf-ray: 8e66594329d14315-EWR
accept-ranges: bytes
content-length: 2611
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:59 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 brain-fog-icon.png
secure.bywinona.com/hosted/images/e6/03aba12fd54111b10e15756bb7a2a8/ 2 KB
3 KB 543ms
541ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/e6/03aba12fd54111b10e15756bb7a2a8/brain-fog-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af485050843f22da2878e5f246688035e9e3c9f2b77fa80f8e783b049d73fff4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "e6df8322a943324cc8f94ea68703aa3d"
cf-ray: 8e66594329d24315-EWR
accept-ranges: bytes
content-length: 2504
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 hair-changes-icon.png
secure.bywinona.com/hosted/images/d5/ba9dde6ec04060b2c26a1953e2365f/ 3 KB
3 KB 546ms
544ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/d5/ba9dde6ec04060b2c26a1953e2365f/hair-changes-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: de7879a56a1ac6451486623134710ea8426543c93ee989dd2cf42879fbbe116f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "748e8cf89f6847cf962e92c1070bd75d"
cf-ray: 8e66594329d44315-EWR
accept-ranges: bytes
content-length: 3018
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 weight-gain-icon.png
secure.bywinona.com/hosted/images/2a/c005deadd54037a26c4f921e97e590/ 3 KB
3 KB 539ms
537ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/2a/c005deadd54037a26c4f921e97e590/weight-gain-icon.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a1e89cf2a00dd223f860275d0fc5f3ada80cc0f624784a8d7c9a48a8045e98c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "d2e28c8ae5c92a52b9eb4d597bf90ed5"
cf-ray: 8e66594329d54315-EWR
accept-ranges: bytes
content-length: 2632
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 06:53:59 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 5-star-rating.svg
secure.bywinona.com/hosted/images/1c/1d51a7f59e4504935212a317bc3570/ 739 B
1 KB 547ms
545ms Image
image/svg+xml 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/1c/1d51a7f59e4504935212a317bc3570/5-star-rating.svg
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 150195ae6cf4ac5ea0f5abf98a010fd4f3a1a01454809bd3270675db576dbc4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
content-encoding: br
cf-cache-status: MISS
etag: W/"22e787b9b2a8972fc4d7529ae283eb08"
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=8GTC3IB_.zwUAriiYFvjFeCOi2i7e6azjkDrrPLGqSM-1732251551-1.0.1.1-2mKp23NwZpJYlJVEdSsDrPrs0g0BqOzOWKv6rBOnqC9nwnPQF1t3M48kPCL5Py89e9jh3wyZmN2a4pM5fGzWPqfkHythSuWKJIG49mjbBhMDeKqdGNyl3KsmyNq_Oz6RFUHGvrFy2BqL28XmFf0w2ROuIBo89DjJVYXYIScgrY4"}],"group":"cf-csp-endpoint","max_age":86400}
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=8GTC3IB_.zwUAriiYFvjFeCOi2i7e6azjkDrrPLGqSM-1732251551-1.0.1.1-2mKp23NwZpJYlJVEdSsDrPrs0g0BqOzOWKv6rBOnqC9nwnPQF1t3M48kPCL5Py89e9jh3wyZmN2a4pM5fGzWPqfkHythSuWKJIG49mjbBhMDeKqdGNyl3KsmyNq_Oz6RFUHGvrFy2BqL28XmFf0w2ROuIBo89DjJVYXYIScgrY4; report-to cf-csp-endpoint
cf-ray: 8e66594329d64315-EWR
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/svg+xml
last-modified: Mon, 14 Feb 2022 15:50:32 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 swatch
fast.wistia.com/embed/medias/58kkg9cpad/ 3 KB
4 KB 541ms
539ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/58kkg9cpad/swatch

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c0ff8c1d10a080c556a2cb9ad98f2da4326cd79b2be346e1e8daf9925214545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

etag: ILSkf4VoUSH_Cq3ScdtyA-6M9Vg=
age: 0
access-control-request-method: *
x-cache: Miss from cloudfront, HIT, MISS
x-amz-cf-id: scRbPT96pg8-6EKFKpewTFj6mD1nRkyuNvH_-R48j283K4ufnfoKfQ==
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/jpeg
content-disposition: inline
x-served-by: cache-iad-kjyo7100029-IAD, cache-yyz4521-YYZ
last-modified: Wed, 09 Mar 2022 19:02:49 UTC
vary: Origin
x-cache-hits: 9, 0
strict-transport-security: max-age=0
edge-cache-tag: fd40e35f5a7824e3dca68180d05ed147
cache-control: public, no-cache,max-age=31536000
timing-allow-origin: *
x-envoy-upstream-service-time: 318
x-timer: S1732251551.196777,VS0,VE239
x-cdn: cloudfront
via: 1.1 cdc92f37130d0a9615a188e5b74a6fb0.cloudfront.net (CloudFront), 1.1 ea71b96212c28d5f0611046b8d2932f6.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3339
x-amz-cf-pop: IAD61-P6, MIA3-C4
server: envoy

GET
H2 200 8131176.png
static.legitscript.com/seals/ 14 KB
15 KB 278ms
98ms Image
image/png 2606:4700::6812:1122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.legitscript.com/seals/8131176.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f94dbdd607cbb8890e47e6691efb16cc0a87acf95e54b483df60f19adc950c38

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cf-cache-status: HIT
etag: "673fe62c-3966"
age: 6598
cf-ray: 8e665947f9d74308-EWR
accept-ranges: bytes
content-length: 14694
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: image/png
last-modified: Fri, 22 Nov 2024 02:02:20 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 googleAnalytics4.js Show response
fast.wistia.com/assets/external/ 25 KB
6 KB 403ms
401ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/googleAnalytics4.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

1716c14aa90e398d730cbe42d76cf8ca3902f23c24f811bf2eb86ba515eba110

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
etag: "c126d1092957865c3a91fab1f21ea5ef"
age: 1829
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
last-modified: Thu, 21 Nov 2024 21:27:47 GMT
x-served-by: cache-iad-kcgs7200165-IAD, cache-yyz4521-YYZ
x-cache-hits: 37, 4
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251551.225261,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 6157
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 postRoll-v2.js Show response
fast.wistia.com/assets/external/ 107 KB
26 KB 403ms
402ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/postRoll-v2.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9d29abe7e0b594f91bc2677c11092145d29725dc298de388923d7cc73931f526

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
etag: "4b0247526f18cecceca83a2769ea4bdf"
age: 1826
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
last-modified: Thu, 21 Nov 2024 21:27:48 GMT
x-served-by: cache-iad-kcgs7200046-IAD, cache-yyz4521-YYZ
x-cache-hits: 38, 3
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251551.227321,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 26924
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 wistiaLogo.js Show response
fast.wistia.com/assets/external/ 70 KB
19 KB 404ms
404ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/wistiaLogo.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

352dbf0c3c7bf397d1279c250d775fba58370626da4110da258a09ee49f5ac31

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
etag: "ff746c7858db17cffaebed003e37fa5e"
age: 1825
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
last-modified: Thu, 21 Nov 2024 21:27:48 GMT
x-served-by: cache-iad-kcgs7200129-IAD, cache-yyz4521-YYZ
x-cache-hits: 37, 5
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251551.227306,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18776
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 OverlaysBehavior.js Show response
fast.wistia.com/assets/external/vulcanV2Player/behaviors/ 90 KB
23 KB 259ms
29ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/vulcanV2Player/behaviors/OverlaysBehavior.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

ba599b9f3a66b4fe9e7f74741aeb93aeea2a3422b085af669e9efd30cc482d3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer

Response headers

content-encoding: br
etag: "441691d32ad20d8768345c74940a65b7"
age: 1829
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
last-modified: Thu, 21 Nov 2024 21:27:48 GMT
x-served-by: cache-iad-kjyo7100087-IAD, cache-yyz4542-YYZ
x-cache-hits: 43, 6
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251552.905549,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23395
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 swatch
fast.wistia.com/embed/medias/58kkg9cpad/ 3 KB
83 B 94ms
93ms Image
image/jpeg 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/embed/medias/58kkg9cpad/swatch

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

c0ff8c1d10a080c556a2cb9ad98f2da4326cd79b2be346e1e8daf9925214545b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

etag: ILSkf4VoUSH_Cq3ScdtyA-6M9Vg=
age: 0
access-control-request-method: *
x-cache: HIT
x-amz-cf-id: scRbPT96pg8-6EKFKpewTFj6mD1nRkyuNvH_-R48j283K4ufnfoKfQ==
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: image/jpeg
x-served-by: cache-yyz4521-YYZ
x-cache-hits: 1
content-disposition: inline
vary: Origin
strict-transport-security: max-age=0
edge-cache-tag: fd40e35f5a7824e3dca68180d05ed147
cache-control: public, no-cache,max-age=31536000
timing-allow-origin: *
x-timer: S1732251552.719918,VS0,VE1
last-modified: Wed, 09 Mar 2022 19:02:49 UTC
x-cdn: cloudfront
x-envoy-upstream-service-time: 318
via: 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3339
x-amz-cf-pop: IAD61-P6, MIA3-C4
server: envoy

GET
H2 200 fd40e35f5a7824e3dca68180d05ed147.webp
embed-ssl.wistia.com/deliveries/ 117 KB
118 KB 574ms
384ms Image
image/webp 2600:9000:21b8:d000:1e:c86:4140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://embed-ssl.wistia.com/deliveries/fd40e35f5a7824e3dca68180d05ed147.webp?image_crop_resized=1920x1080
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21b8:d000:1e:c86:4140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: f575c3f79fd5e1d2232a7a42ed0bb5c7fd8fe1838e7f86d535e57a3d60f40ab4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

surrogate-key: fd40e35f5a7824e3dca68180d05ed147 thumbnail-delivery
etag: jk_s9EnUgX68vjUqKrFOOEX-54I=
access-control-request-method: *
x-cache: Miss from cloudfront
x-amz-cf-id: ynH2omri-BfWxDSF_q7dtWVkihTGHhZ7PqxY3viXoAh1JsRhG6MbOQ==
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: image/webp
content-disposition: inline
vary: Origin
last-modified: Wed, 09 Mar 2022 19:02:49 UTC
edge-cache-tag: fd40e35f5a7824e3dca68180d05ed147
cache-control: max-age=31536000
x-envoy-upstream-service-time: 252
x-cdn: cloudfront
via: 1.1 ecc843250500aa5c06bbd62ad8a4abd6.cloudfront.net (CloudFront)
accept-ranges: none
x-amz-cf-pop: JFK52-P9
server: envoy

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/404708046/ 5 KB
2 KB 270ms
101ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404708046/?random=1732251551756&cv=11&fst=1732251551756&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-404708046&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

12223e6f38bc18d2044fd6fe555901faf8c7975d5b4a83509f34b974eb15c660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2339
date: Fri, 22 Nov 2024 04:59:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 404708046
td.doubleclick.net/td/rul/ Frame 81AA 0
0 342ms
132ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/404708046?random=1732251551756&cv=11&fst=1732251551756&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-404708046&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 04:59:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/404708046/ 5 KB
3 KB 270ms
103ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/404708046/?random=1732251551793&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-404708046&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

b588e88a3aac5d178c6bcf2733ec38d55fedcc5165cbeec5c5fd5f95cc475571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 2704
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 404708046
td.doubleclick.net/td/rul/ Frame F34B 0
0 330ms
133ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/404708046?random=1732251551793&cv=11&fst=1732251551793&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&ct_cookie_present=0

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-404708046&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 04:59:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 15 KB
6 KB 320ms
77ms Script
application/javascript 108.139.33.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/0E3DCAC5-AD37-025A-024D-3D97D671892D/btp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.33.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-33-128.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Transfer-Encoding: chunked
Vary: accept-encoding
Content-Encoding: gzip
ETag: W/"6e81002d3e79d18a41e8712ae4e87c69"
Age: 76871
Connection: keep-alive
Via: 1.1 ed016821a44f073856f1ffba399e1728.cloudfront.net (CloudFront)
X-Cache: Hit from cloudfront
X-Amz-Cf-Id: XnnzSdQS8D2Qk4UT6quManup0Rcr6cREI_HMdVoBgjYYEVfX4Yl4Bg==
Date: Thu, 21 Nov 2024 07:38:02 GMT
Content-Type: application/javascript
Last-Modified: Thu, 21 Nov 2024 07:37:22 GMT
Server: AmazonS3
X-Amz-Cf-Pop: JFK50-P2
x-amz-server-side-encryption: AES256

GET
H2 200 loader.min.js Show response
files1.cybba.solutions/3001/ 82 KB
23 KB 293ms
112ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL

https://files1.cybba.solutions/3001/loader.min.js

Requested by

Host: www.rtb123.com
URL: https://www.rtb123.com/tags/0E3DCAC5-AD37-025A-024D-3D97D671892D/btp.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 Datacamp Limited, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

431c49ed52512fea5e4ebed8b7d7fe07ee0c45798b43db4569a70cb8cdb3e0a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-robots-tag: noindex
cdn-status: 200
content-encoding: br
etag: "66e8a2fe-14864"
expires: Thu, 21 Nov 2024 03:00:22 GMT
date: Fri, 22 Nov 2024 04:59:12 GMT
last-modified: Mon, 16 Sep 2024 21:28:30 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
x-frame-options: SAMEORIGIN
cdn-requestpullcode: 200
strict-transport-security: max-age=3600
cdn-cachedat: 11/21/2024 02:00:25
cache-control: public, max-age=3600
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: a080e070-2552-4896-b206-e42f1464eeab
cdn-requestid: aebe2fae7196a665a6beda0436d4118e
cdn-pullzone: 116099
cdn-proxyver: 1.06
cdn-edgestorageid: 885
server: BunnyCDN-NY1-885
cdn-requestcountrycode: CA

GET
H2 200 cybba_latest.min.js Show response
d2rp1k1dldbai6.cloudfront.net/ 79 KB
21 KB 249ms
73ms Script
application/javascript 2600:9000:2511:b400:d:87ae:bb80:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js
Requested by: Host: www.rtb123.com
URL: https://www.rtb123.com/tags/0E3DCAC5-AD37-025A-024D-3D97D671892D/btp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2511:b400:d:87ae:bb80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 80243c0eeae689869de0f927a5190edbab922099052163d422112b7fb437c1b6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

vary: accept-encoding
content-encoding: br
etag: W/"d593ca739898b8f46518c0948b05da76"
x-amz-version-id: df.ohngn.AnMI9EIGl.SEdD0QEaWQPx6
age: 69029
via: 1.1 c38cfac20df9757e670e782ca61768aa.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
x-amz-cf-id: tfWDToZE-ByfAY_xKtELup-kC25CBVved_hd7rs6zX04HBw9RMdA2A==
date: Thu, 21 Nov 2024 09:48:44 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 00:14:38 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6
x-amz-server-side-encryption: AES256

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16613637030/ 5 KB
2 KB 197ms
96ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16613637030/?random=1732251551856&cv=11&fst=1732251551856&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9188688197z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16613637030&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad2ac999523a38bad81640c47b1909f6cad26a42b908eb3d6f4c1225a42cdf0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2342
date: Fri, 22 Nov 2024 04:59:11 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16613637030
td.doubleclick.net/td/rul/ Frame 3A50 0
0 249ms
135ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16613637030?random=1732251551856&cv=11&fst=1732251551856&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9188688197z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-16613637030&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 04:59:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 408 KB
131 KB 175ms
174ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G271KV42Y7

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/googleAnalytics4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c167c376f9bccde8e49bdb4c52b145eb2b247b696fb77445ced25501b0721f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 04:59:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134525
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 408 KB
132 KB 71ms
71ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-G271KV42Y7&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2d219940c2822453da60084dbc5748e359d4f093c83f7d45f271ff14c1ed431

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 04:59:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 134633
x-xss-protection: 0
server: Google Tag Manager

GET
H/1.1 200
OK 008c4f795d7397bf464df1c7c328ddc6d6 Show response
wave.outbrain.com/mtWavesBundler/handler/ 3 KB
2 KB 393ms
124ms Script
text/html 104.118.9.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://wave.outbrain.com/mtWavesBundler/handler/008c4f795d7397bf464df1c7c328ddc6d6

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.118.9.170 Secaucus, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-118-9-170.deploy.static.akamaitechnologies.com

Software

Resource Hash

09586b30e129551d5c64e49feb38334bd0b4549730126f3a48994d84c57d389c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
Cache-Control: max-age=60
ob-sent-time: 1732166272367
Content-Encoding: gzip
ETag: W/"cf7-MJL2Mz2N1AIGdnWPwT721N1HPoI"
Connection: keep-alive
Expires: Fri, 22 Nov 2024 05:00:12 GMT
Access-Control-Allow-Origin: *
X-CC: CA
Content-Length: 1505
X-RG: NA
Date: Fri, 22 Nov 2024 04:59:12 GMT
Content-Type: text/html; charset=utf-8
Vary: Accept-Encoding
x-traceid: 2558eef4237473265ec1e7478ae2c79f

GET
H/1.1 200
OK topics Show response
amplify.outbrain.com/ 26 B
301 B 436ms
187ms Fetch
text/html 23.51.57.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/topics
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.57.192 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-57-192.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Cache-Control: max-age=1200
Connection: keep-alive
Observe-Browsing-Topics: ?1
Expires: Fri, 22 Nov 2024 05:19:12 GMT
Access-Control-Allow-Origin: *
X-CC: CA
Content-Length: 26
X-RG: NA
Date: Fri, 22 Nov 2024 04:59:12 GMT
Content-Type: text/html

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 443ms
189ms Fetch
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=021273558522229408&referrer=&cht=gtm&marketerId=008c4f795d7397bf464df1c7c328ddc6d6&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&g=1&zone=all&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: image/gif;
x-traceid: d3e884fcbac7bc7af10dad18b4d7d509

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
293 B 503ms
175ms Script
application/javascript 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/cachedClickId?marketerId=008c4f795d7397bf464df1c7c328ddc6d6

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 39
content-encoding: br
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: application/javascript
x-traceid: bea16646bab6fbf6ada369a468c21402

GET
H2 200 adsct
t.co/1/i/ 43 B
626 B 507ms
253ms Image
image/gif 162.159.140.229
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=af32127a-30df-4f65-90bc-1fb6d6f53144&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e22e765-ffb9-4d96-9fed-6c5da938039f&tw_document_href=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&tw_iframe_status=0&txn_id=o9cl4&type=javascript&version=2.3.31

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.159.140.229 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=0
x-transaction-id: 0d698ccc4c0da3e7
cache-control: no-cache, no-store, max-age=0
x-connection-hash: 02262df10f241091729fefe746830ac26887d90b4a6178c22a9ecf60bdd26ab3
cf-cache-status: DYNAMIC
cf-ray: 8e66594a08b8ac25-YYZ
x-response-time: 5
content-length: 43
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: image/gif;charset=utf-8
perf: 7402827104
server: cloudflare tsa_b

GET
H2 200 adsct
analytics.twitter.com/1/i/ 43 B
723 B 625ms
268ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/1/i/adsct?bci=4&dv=America%2FVancouver%26en-US%2Cen%26Google%20Inc.%26Linux%20x86_64%26255%261600%261200%2616%2624%261600%261200%260%26na&eci=3&event=%7B%7D&event_id=af32127a-30df-4f65-90bc-1fb6d6f53144&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e22e765-ffb9-4d96-9fed-6c5da938039f&tw_document_href=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&tw_iframe_status=0&txn_id=o9cl4&type=javascript&version=2.3.31

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=631138519
x-transaction-id: f92ce5b3b230ba1a
cache-control: no-cache, no-store, max-age=0
x-connection-hash: d7a51885caa72aec5f0c72c3037bc06a969f6bb81727cf7553934088f72a029c
x-response-time: 81
content-length: 43
date: Fri, 22 Nov 2024 04:59:11 GMT
perf: 7402827104
content-type: image/gif;charset=utf-8
server: tsa_b

GET
H2 200 topics_api Show response
psb.taboola.com/ 65 B
281 B 433ms
191ms Fetch
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://psb.taboola.com/topics_api
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: private, max-age=2592000
retry-after: 0
x-timer: S1732251552.211528,VS0,VE0
observe-browsing-topics: ?1
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-cache: HIT
content-length: 65
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: text/html; charset=utf-8
x-served-by: cache-yul1970076-YUL
server: Varnish
x-cache-hits: 0

GET
H2 200 json Show response
trc.taboola.com/1372602/trc/3/ 3 KB
2 KB 118ms
112ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1372602/trc/3/json?tim=1732251551969&data=%7B%22id%22%3A732%2C%22ii%22%3A%22%2Fgoogle-1%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1732251551943%2C%22cv%22%3A%2220241116-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-roboutliantcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1732251551967%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1%22%2C%22tos%22%3A20%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22it%22%3A%22JS_PIXEL%22%2C%22supv%22%3Atrue%7D%2C%22pa%22%3A%7B%22su%22%3Atrue%7D%2C%22psb%22%3Atrue%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a1e2e41528228f74af5ca262f7c91963497c1b2ab1bab3f955b42eb028c4b62e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-log-content-encoding: gzip
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-yul1970038-YUL
x-cache-hits: 0
vary: Accept-Encoding
x-fastly-to-nlb-rtt: 21235
x-timer: S1732251552.092079,VS0,VE43
x-vcl-time-ms: 43
access-control-allow-credentials: true
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: *
x-service-version: v1
server: nginx

GET
H2 200 clarity.js Show response
www.clarity.ms/s/0.7.56/ 66 KB
28 KB 78ms
76ms Script
application/javascript 2620:1ec:bdf::40
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/s/0.7.56/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/i4ecmmn6rh
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2620:1ec:bdf::40 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-azure-ref: 20241122T045911Z-r1d48674995mxl4zhC1YMQhxxw00000000qg0000000096hx
cache-control: public, max-age=86400
x-ms-version: 2018-03-28
content-encoding: br
etag: W/"0x8DD041B2B98F09E"
x-fd-int-roxy-purgeid: 79034942
x-ms-request-id: a65eff0a-f01e-0052-473f-3c5233000000
access-control-allow-origin: *
x-cache: TCP_HIT
date: Fri, 22 Nov 2024 04:59:11 GMT
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
last-modified: Wed, 13 Nov 2024 19:41:29 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 402ms
402ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16593713869

Requested by

Host: pm.geniusmonkey.com
URL: https://pm.geniusmonkey.com/gm.js?id=1028351688&z=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fd9f317167bec2205264dc16b5b969614577da1095908b454f4af1d6cb009b92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 04:59:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94807
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
93 KB 161ms
161ms Script
application/javascript 2607:f8b0:4006:824::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-16593713869&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-54NPNJD

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:824::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82f561b6e6c19954083879d8f9f43f55f919945a905f5c5292a0a3ecb8b58122

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 22 Nov 2024 04:59:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 22 Nov 2024 04:59:12 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 22 Nov 2024 03:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 94898
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

gm-08A48GG39.png
pm.geniusmonkey.com/r/
Redirect Chain

https://pm.geniusmonkey.com/gm.png?id=226606161&pv=undefined&qs=&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&r=&cbgm=1732251551998
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

68 B
498 B

163ms
163ms

Image
image/png

34.117.190.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Server: 34.117.190.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.190.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=sfVMdw==, md5=l4wb7knXrV/BpNgQmbE+GA==
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
age: 1855
x-goog-stored-content-encoding: identity
expires: Fri, 22 Nov 2024 05:28:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 68
date: Fri, 22 Nov 2024 04:28:17 GMT
last-modified: Tue, 11 Jan 2022 19:32:52 GMT
content-type: image/png
x-guploader-uploadid: AFiumC4lG1aO4mgDGJqPzmwdlWWY5B6d5NpwUHPm3PzDet-QQbMBnQvwAbTKxPj3YrDl7Fo8OHLAQM4GIg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1641929572207890
content-length: 68
server: UploadServer

Redirect headers

location: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 22 Nov 2024 04:59:12 GMT
x-cloud-trace-context: f9895e3b5c799c7d640e855b4760ac9d
content-type: text/html
server: Google Frontend

GET
H2

200

gm-08A48GG39.png
pm.geniusmonkey.com/r/
Redirect Chain

https://pm.geniusmonkey.com/gm.png?id=226606162&pv=undefined&qs=&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&r=&cbgm=1732251551999
https://pm.geniusmonkey.com/r/gm-08A48GG39.png

68 B
0

96ms
96ms

Image
image/png

34.117.190.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1
Protocol: H2
Server: 34.117.190.90 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 90.190.117.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-goog-metageneration: 1
x-goog-hash: crc32c=sfVMdw==, md5=l4wb7knXrV/BpNgQmbE+GA==
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
age: 1855
x-goog-stored-content-encoding: identity
expires: Fri, 22 Nov 2024 05:28:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-goog-stored-content-length: 68
date: Fri, 22 Nov 2024 04:28:17 GMT
last-modified: Tue, 11 Jan 2022 19:32:52 GMT
content-type: image/png
x-guploader-uploadid: AFiumC4lG1aO4mgDGJqPzmwdlWWY5B6d5NpwUHPm3PzDet-QQbMBnQvwAbTKxPj3YrDl7Fo8OHLAQM4GIg
cache-control: public, max-age=3600
x-goog-storage-class: STANDARD
via: 1.1 google
accept-ranges: bytes
x-goog-generation: 1641929572207890
content-length: 68
server: UploadServer

Redirect headers

location: https://pm.geniusmonkey.com/r/gm-08A48GG39.png
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Fri, 22 Nov 2024 04:59:12 GMT
x-cloud-trace-context: e8112b87428a443aebf3aab1a7b517f6
content-type: text/html
server: Google Frontend

GET
H3 200 /
www.google.com/pagead/1p-user-list/16613637030/ 42 B
64 B 315ms
314ms Image
image/gif 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16613637030/?random=1732251551856&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9188688197z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dwAfme71jxEyvfLAf5kZqXFDovmnJmg&random=1278592910&rmt_tld=0&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/16613637030/ 42 B
64 B 573ms
118ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/16613637030/?random=1732251551856&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v9188688197z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dwAfme71jxEyvfLAf5kZqXFDovmnJmg&random=1278592910&rmt_tld=1&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.com/pagead/1p-user-list/404708046/ 42 B
64 B 412ms
411ms Image
image/gif 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/404708046/?random=1732251551756&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dWh3r9oLpzu5LviIbNa2G0e_R_QR24g&random=1837519542&rmt_tld=0&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/404708046/ 42 B
64 B 554ms
118ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/404708046/?random=1732251551756&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dWh3r9oLpzu5LviIbNa2G0e_R_QR24g&random=1837519542&rmt_tld=1&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3

200

/
www.google.ca/pagead/1p-conversion/404708046/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=...
https://www.google.com/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&ta...
https://www.google.ca/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag...

42 B
64 B

88ms
88ms

Image
image/gif

2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhYat85PviQMVmxVoCB135xEIMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NlY3VyZS5ieXdpbm9uYS5jb20vQlhDaEVJZ05IN3VRWVEydl9aa09UUDNkMkpBUkl0QUdhT1NlalJrbEhTUXNwa1E0SWJMMTB6VGNvMmQ2Nk9ob015OWRtQVl6LXdRYzZIeVdEazYzTUZSTE1Y&is_vtc=1&cid=CAQSKQCa7L7dWCTqLi5hDGfO0k7UYP1fE08_VwHWz_rG3atkucL_U0a00OK_&eitems=ChAIgNH7uQYQ8oG84-Dblb8xEh0AOg6ElxUn92ICX64ce6yctr2tVBcM0mO000oPMg&random=2071919221&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.ca/pagead/1p-conversion/404708046/?random=352550259&cv=11&fst=1732251551793&bg=ffffff&guid=ON&async=1&gtm=45be4bk0v878364662z8831011745za201zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&label=oYwGCMHkq4AYEM61_cAB&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&value=0&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&capi=1&fmt=3&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrECSid0cmlnZ2VyLCBldmVudC1zb3VyY2U9bmF2aWdhdGlvbi1zb3VyY2VaAwoBAWIECgICAw&pscrd=IhMIhYat85PviQMVmxVoCB135xEIMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3NlY3VyZS5ieXdpbm9uYS5jb20vQlhDaEVJZ05IN3VRWVEydl9aa09UUDNkMkpBUkl0QUdhT1NlalJrbEhTUXNwa1E0SWJMMTB6VGNvMmQ2Nk9ob015OWRtQVl6LXdRYzZIeVdEazYzTUZSTE1Y&is_vtc=1&cid=CAQSKQCa7L7dWCTqLi5hDGfO0k7UYP1fE08_VwHWz_rG3atkucL_U0a00OK_&eitems=ChAIgNH7uQYQ8oG84-Dblb8xEh0AOg6ElxUn92ICX64ce6yctr2tVBcM0mO000oPMg&random=2071919221&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK user Show response
app.cybba.solutions/ 143 B
512 B 661ms
317ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/user?callback=_vtsdk.User.callbackUser&shopId=3001&oldUserId=undefined&email=null&_ts=72255883

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/3001/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

3caaac450c0a2cbc4723121b43daceb699d8ef69c69e31ec4b30e12463fd6a1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Cache-Control: no-cache
x-process-time: 0.010773420333862305
Connection: close
Expires: Fri, 22 Nov 2024 04:59:11 GMT
Content-Length: 143
Date: Fri, 22 Nov 2024 04:59:12 GMT
Content-Type: text/javascript;; charset=utf-8
Server: nginx, nginx
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK / Show response
pro.ip-api.com/json/ 283 B
439 B 549ms
151ms XHR
application/json 38.91.101.241
AS-GLOBALTELEHOST

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.ip-api.com/json/?key=aUoasJP8dMuydUf
Requested by: Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/3001/loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.91.101.241 New York, United States, ASN63023 (AS-GLOBALTELEHOST, US),
Reverse DNS: us-ny-1.pro.ip-api.com
Software: /
Resource Hash: deb2cd9db4e16675713653b7f2804eabac1340bcfc1ed46a1435684a4257875a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Access-Control-Allow-Origin: *
Content-Length: 283
Date: Fri, 22 Nov 2024 04:59:12 GMT
Content-Type: application/json; charset=utf-8

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
283 B 508ms
95ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure.bywinona.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://secure.bywinona.com
Date: Fri, 22 Nov 2024 04:59:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 108ms
108ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
age: 2411
x-cache: HIT
date: Fri, 22 Nov 2024 04:59:12 GMT
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
x-served-by: cache-yul1970038-YUL
x-cache-hits: 1506
content-type: application/javascript
x-amz-id-2: Q1gDJRgc/NEOPCIzVbqusAV5KytBIP8nyXe5jU+JXJeGHfgKpTLg7uHmjSn3yVbf1u4f0iW0YyVerhNGsZCsYw==
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private, max-age=3600
x-timer: S1732251552.225444,VS0,VE0
via: 1.1 varnish
x-amz-request-id: FFGTMH9CSVAH9MGT
accept-ranges: bytes
access-control-allow-origin: *
abp: 31
content-length: 1347
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 eid.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 117ms
116ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eid.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
etag: "2fdf3e79d5e851201a0d52a886453d8b"
x-amz-version-id: Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
age: 8076
x-cache: HIT
date: Fri, 22 Nov 2024 04:59:12 GMT
last-modified: Sun, 02 Apr 2023 13:09:57 GMT
x-served-by: cache-yul1970038-YUL
x-cache-hits: 5138
content-type: application/javascript
x-amz-id-2: yU1q8d4uhAbDIF7RNmsyRb/pqWx70tDOviavJ6kl/6XAhXyXEZjBf16CN0YH1UPFw8dtW1yc3VVCFbVRQOaOfSG5UJbXROp7TPHjnuA8ldo=
vary: Accept-Encoding
x-amz-replication-status: COMPLETED
cache-control: private,max-age=14400
x-timer: S1732251552.233273,VS0,VE0
via: 1.1 varnish
x-amz-request-id: 13PKXMN99FCTH61J
accept-ranges: bytes
access-control-allow-origin: *
abp: 10
content-length: 6467
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 / Show response
pips.taboola.com/ 4 B
91 B 163ms
154ms XHR
text/plain 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-store
retry-after: 0
access-control-allow-methods: GET
via: 1.1 varnish
accept-ranges: bytes
access-control-allow-origin: https://secure.bywinona.com
x-cache: HIT
content-length: 4
date: Fri, 22 Nov 2024 04:59:12 GMT
x-served-by: cache-yul1970076-YUL
server: Varnish
x-cache-hits: 0

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
283 B 427ms
99ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure.bywinona.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://secure.bywinona.com
Date: Fri, 22 Nov 2024 04:59:12 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 582ms
171ms XHR
text/plain 141.226.230.50
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

access-control-allow-origin: *
cache-control: no-store
date: Fri, 22 Nov 2024 04:59:13 GMT
server: nginx

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/16593713869/ 5 KB
2 KB 69ms
69ms Script
text/javascript 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/16593713869/?random=1732251552834&cv=11&fst=1732251552834&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16593713869&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5dda242191ad57ada8dd627c60931eb738c7ced9ec7943bc58d5e25b854cfde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-cache, must-revalidate
timing-allow-origin: *
content-encoding: br
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length: 2364
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: text/javascript; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H2 200 16593713869
td.doubleclick.net/td/rul/ Frame E69F 0
0 71ms
70ms Document
text/html 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/rul/16593713869?random=1732251552834&cv=11&fst=1732251552834&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-16593713869&l=dataLayer&cx=c&gtm=45He4bk0v831011745za200

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Nov 2024 04:59:12 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 /
www.google.com/pagead/1p-user-list/16593713869/ 42 B
64 B 65ms
64ms Image
image/gif 2607:f8b0:4006:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/16593713869/?random=1732251552834&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dQNq1KER0mzClLQX-IBDtvl6mC80CRQ3WqaKNxTPqOiXSIYAU&random=1784444556&rmt_tld=0&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:808::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 /
www.google.ca/pagead/1p-user-list/16593713869/ 42 B
64 B 65ms
65ms Image
image/gif 2607:f8b0:4006:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/16593713869/?random=1732251552834&cv=11&fst=1732248000000&bg=ffffff&guid=ON&async=1&gtm=45be4bk0za200zb831011745&gcd=13l3l3l3l1l1&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&u_w=1600&u_h=1200&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&hn=www.googleadservices.com&frm=0&tiba=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&npa=0&pscdl=noapi&auid=1065174452.1732251551&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQCa7L7dQNq1KER0mzClLQX-IBDtvl6mC80CRQ3WqaKNxTPqOiXSIYAU&random=1784444556&rmt_tld=1&ipr=y

Requested by

Host: secure.bywinona.com
URL: https://secure.bywinona.com/google-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 22 Nov 2024 04:59:12 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H/1.1 200
OK unifiedPixel Show response
tr.outbrain.com/ 53 B
321 B 60ms
60ms Fetch
image/gif 70.42.32.31
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.outbrain.com/unifiedPixel?au=false&bust=05094684846323474&referrer=&cht=gtm&marketerId=008c4f795d7397bf464df1c7c328ddc6d6&name=PAGE_VIEW&dl=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&g=1&zone=all&obApiVersion=2.0-gtm&obtpVersion=2.0.5

Requested by

Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

70.42.32.31 , United States, ASN22075 (AS-OUTBRAIN, US),

Reverse DNS

ny.outbrain.com

Software

Resource Hash

b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: no-cache
content-length: 54
content-encoding: br
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/gif;
x-traceid: 80edfa9465496dfe91147e141dc05fda

GET
H2 200 playPauseLoadingControl.js Show response
fast.wistia.com/assets/external/ 83 KB
22 KB 34ms
34ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/playPauseLoadingControl.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

31cd4ae71f69ea5e871149680ccd55afca9760d99289699eab09f9778efc3a64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer

Response headers

content-encoding: br
etag: "b78e19c3156d4b7f50fa301bd17f3627"
age: 1833
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:13 GMT
last-modified: Thu, 21 Nov 2024 21:27:48 GMT
x-served-by: cache-iad-kiad7000065-IAD, cache-yyz4542-YYZ
x-cache-hits: 45, 70
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251553.042222,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 22490
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 cf-logo.png
secure.bywinona.com/funnels/paused-account/ 6 KB
6 KB 195ms
187ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/funnels/paused-account/cf-logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa64be7e67aeedc05d88ad037251e9ee7ab5a640c3d924e55fb72a498adbf255

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

cf-cache-status: EXPIRED
etag: "673f6e6e-17c9"
cf-ray: 8e66594eade44315-EWR
accept-ranges: bytes
content-length: 6089
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/png
last-modified: Thu, 21 Nov 2024 17:31:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 dr-michael-green.jpg
secure.bywinona.com/hosted/images/a8/75e2b35b7c4df4ada40a5e5b3518bd/ 132 KB
132 KB 944ms
937ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/a8/75e2b35b7c4df4ada40a5e5b3518bd/dr-michael-green.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfaf5adc8b86566df387aeed7506207c5188758a27c5fce60ea0c8fe9c6474b1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "713b2b118336143d649deacd9bb89c35"
cf-ray: 8e66594eade84315-EWR
accept-ranges: bytes
content-length: 135276
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 05:34:19 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 dr-cathleen-brown.jpg
secure.bywinona.com/hosted/images/bd/134a6dfccc479a8b322d5ffcada3f5/ 50 KB
50 KB 331ms
324ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/bd/134a6dfccc479a8b322d5ffcada3f5/dr-cathleen-brown.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b9f16eae5849411753aee9e74cf8356f1c16798bdfdfb1cda2150e7917d191

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "4bb0da9b48bae7d34bc849060746b5d4"
cf-ray: 8e66594eade94315-EWR
accept-ranges: bytes
content-length: 50933
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 05:34:19 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 closemodal.png
assets.clickfunnels.com/images/ 672 B
1 KB 641ms
275ms Image
image/webp 2606:4700::6810:dc2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.clickfunnels.com/images/closemodal.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:dc2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cf-cache-status: HIT
etag: "67210410-314"
age: 127793
cf-bgj: imgq:100,h2pri
expires: Mon, 23 Dec 2024 04:59:13 GMT
cf-polished: origFmt=png, origSize=788
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/webp
content-disposition: inline; filename="closemodal.webp"
vary: Accept, Accept-Encoding
last-modified: Tue, 29 Oct 2024 15:49:36 GMT
cache-control: public, max-age=2678400
cf-ray: 8e665950de9d3342-EWR
accept-ranges: bytes
content-length: 672
server: cloudflare

GET
H2 200 close-btn-icon.png
secure.bywinona.com/hosted/images/5b/1ae15460e84ad290b360477c0233bb/ 372 B
482 B 895ms
888ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/5b/1ae15460e84ad290b360477c0233bb/close-btn-icon.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e573b6d8ac35818ade8c034c3df8c0313958a764d06b17a3622f26d5eee15ddc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "79e875a93696e5f125b4eaab02c7c6f5"
cf-ray: 8e66594eadea4315-EWR
accept-ranges: bytes
content-length: 372
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/png
last-modified: Tue, 08 Mar 2022 01:27:12 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 winona-logo.png
secure.bywinona.com/hosted/images/b2/110cd1e47944e8a0f000fdda1952f2/ 2 KB
2 KB 361ms
355ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/b2/110cd1e47944e8a0f000fdda1952f2/winona-logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75a3f0e1bf41956f9b43ae87a5234dbcf7b5b9436dd8cecf97b0d947d26c0311

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "31c2c5e61f868826314f3e868c3ea468"
cf-ray: 8e66594eadec4315-EWR
accept-ranges: bytes
content-length: 1753
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/png
last-modified: Thu, 27 Jan 2022 05:30:58 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 woman-image-v2.png
secure.bywinona.com/hosted/images/04/be2db2da27425ea3d4bb5b184ff34c/ 159 KB
159 KB 896ms
891ms Image
image/png 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/04/be2db2da27425ea3d4bb5b184ff34c/woman-image-v2.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ee122b70efe682a08cbe6f313d58ad950aa1558ca8fe2b8f14313496d56544

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "b4e3dabf0c13a9b17d89f41217901bec"
cf-ray: 8e66594eaded4315-EWR
accept-ranges: bytes
content-length: 162517
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/png
last-modified: Tue, 10 May 2022 13:32:10 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 sec-3-image-x2.jpg
secure.bywinona.com/hosted/images/c3/ef6f8d135d4b63969d6265b8992ca1/ 75 KB
75 KB 933ms
928ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/c3/ef6f8d135d4b63969d6265b8992ca1/sec-3-image-x2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ee8818c4f9b2d770f286bf85510048ca3a4c6db2a351a067865c5625616decd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "51c60a205efc87dc16eb996e8ff6dc7e"
cf-ray: 8e66594eadee4315-EWR
accept-ranges: bytes
content-length: 76949
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Tue, 08 Mar 2022 03:42:59 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 woman-using-laptop-v2.jpg
secure.bywinona.com/hosted/images/44/4ccbfb3020492a898ae7f78e92ca15/ 297 KB
298 KB 594ms
590ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/44/4ccbfb3020492a898ae7f78e92ca15/woman-using-laptop-v2.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9af6f04b4f872675a365b6f973db29b0ecc7614781f6d8fda6e77e5646f998aa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "9af430e95f56204569f0cf733d667579"
cf-ray: 8e66594eadef4315-EWR
accept-ranges: bytes
content-length: 304251
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 06:06:16 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 woman-using-laptop-mobile.jpg
secure.bywinona.com/hosted/images/f2/d100d3de66469d890d6be9181cf05e/ 145 KB
146 KB 856ms
852ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/f2/d100d3de66469d890d6be9181cf05e/woman-using-laptop-mobile.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6643f2c67fba4bfe40a1533d5478cb4d6b3cc75913ac0ab99cca7a954bcb72f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "c5d28f3c683ca4c62eac015725bca23b"
cf-ray: 8e66594eadf24315-EWR
accept-ranges: bytes
content-length: 148961
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 13:29:36 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 weight-gain-image.jpg
secure.bywinona.com/hosted/images/13/4f81e3ec50444f88b227c16ba67bea/ 69 KB
69 KB 370ms
366ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/13/4f81e3ec50444f88b227c16ba67bea/weight-gain-image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a00307bb2e8f5e6c3ed30ecc498f0c8e3e894f24d51c29e6fc8c71fb496701bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "53fd86b77445824a8268328d78991b7d"
cf-ray: 8e66594eadf34315-EWR
accept-ranges: bytes
content-length: 70714
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 06:44:30 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 menopause-image.jpg
secure.bywinona.com/hosted/images/ab/677b49efac4cab8b6bd645d2514c71/ 72 KB
72 KB 923ms
919ms Image
image/jpeg 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.bywinona.com/hosted/images/ab/677b49efac4cab8b6bd645d2514c71/menopause-image.jpg
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c605cd8200aa8a5c4bc598d63e40a8ef787b690be85abc69072a47904ab3099

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

server: cloudflare
cache-control: max-age=31536000
cf-cache-status: MISS
etag: "6bc3aee077ee8ce6db0da229056f9652"
cf-ray: 8e66594eadf44315-EWR
accept-ranges: bytes
content-length: 73392
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: image/jpeg
last-modified: Wed, 09 Mar 2022 06:44:30 GMT
vary: Accept-Encoding
x-amz-cf-pop: JFK52-P8

GET
H2 200 background.png Show response
secure.bywinona.com/images/ 119 B
472 B 356ms
354ms XHR
text/javascript 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.bywinona.com/images/background.png?_unique=0.1787357356488286&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//secure.bywinona.com/google-1&_title=Winona%20Wellness%20Center%20by%20Women%2C%20for%20Women&_key=85fhwnn5&_page_key=3r84hcr2dubnpsk9&_fid=11914323&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://secure.bywinona.com/google-1&_referrer=
Requested by: Host: secure.bywinona.com
URL: https://secure.bywinona.com/vendor.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Phusion Passenger Enterprise 6.0.7
Resource Hash: 137bfcbb5307bc5426ffba2cccf4ab54a72a156d83ec785b15dd167990f30f07

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/google-1

Response headers

x-request-id: 9df0b2d4f2db143a160cd96b976b7827
content-encoding: br
cf-cache-status: MISS
etag: W/"137bfcbb5307bc5426ffba2cccf4ab54"
x-rack-cache: miss
access-control-allow-methods: POST, GET
access-control-request-method: *
expires: Fri, 29 Nov 2024 04:59:13 GMT
status: 200 OK
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-runtime: 0.039994
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
cache-control: public, max-age=604800
cf-ray: 8e66594eadf14315-EWR
access-control-allow-origin: *
x-powered-by: Phusion Passenger Enterprise 6.0.7
server: cloudflare

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
327 B 633ms
133ms Fetch
text/plain 2600:9000:266a:2600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:2600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://secure.bywinona.com/

Response headers

x-envoy-upstream-service-time: 0
access-control-allow-methods: POST, OPTIONS
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: ifZos6DdhWC1Uv75t3YBBlAu5I_inxmDuDiLXhDbYydDpoO4nHz1Qg==
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: JFK52-P5
server: envoy

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&RedC=c.clarity.ms&MXFR=1B9CC229C07E69000A91D716C47E67CD
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&MUID=26A50DFF219C61F118E718C0204A6063

42 B
465 B

51ms
50ms

Image
image/gif

20.110.205.119
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&MUID=26A50DFF219C61F118E718C0204A6063
Protocol: H2
Server: 20.110.205.119 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: private, no-cache, proxy-revalidate, no-store
pragma: no-cache
etag: "8d3dafd6e71fdb1:0"
accept-ranges: bytes
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 42
date: Fri, 22 Nov 2024 04:59:14 GMT
content-type: image/gif
last-modified: Wed, 16 Oct 2024 16:24:13 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

Redirect headers

cache-control: private, no-cache, proxy-revalidate, no-store
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E6079746F90C472EB28CF35F914C2C13&MUID=26A50DFF219C61F118E718C0204A6063
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A60DAF39E5944157A074376D2B7AADBF Ref B: YMQ01EDGE0309 Ref C: 2024-11-22T04:59:13Z
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length: 0
date: Fri, 22 Nov 2024 04:59:13 GMT
x-powered-by: ASP.NET

GET
H2 200 hls_video.js Show response
fast.wistia.com/assets/external/engines/ 520 KB
128 KB 173ms
173ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/engines/hls_video.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

3ec7791fd91e00ee21de3a1e5c5b7ddbf39247b89aec4e826a51b304ae857f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer

Response headers

content-encoding: br
etag: "6f42a371855a91aa28d0b2e3e2c27a7e"
age: 1831
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:13 GMT
last-modified: Thu, 21 Nov 2024 21:27:47 GMT
x-served-by: cache-iad-kcgs7200078-IAD, cache-yyz4542-YYZ
x-cache-hits: 40, 2
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251553.218440,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 130851
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H2 204 rum Show response
secure.bywinona.com/cdn-cgi/ 0
185 B 242ms
240ms XHR
text/plain 2606:4700::6810:10c2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.bywinona.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6810:10c2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
content-type: application/json
Referer: https://secure.bywinona.com/google-1

Response headers

access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-methods: POST,OPTIONS
x-content-type-options: nosniff
cf-ray: 8e66594faf1f4315-EWR
access-control-allow-origin: https://secure.bywinona.com
date: Fri, 22 Nov 2024 04:59:13 GMT
vary: Origin
server: cloudflare
x-frame-options: DENY

GET
H2

200

/
match.adsrvr.org/track/upb/ Frame 74E7
Redirect Chain

https://insight.adsrvr.org/track/up?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1
https://match.adsrvr.org/track/upb/?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1

0
0

92ms
86ms

Document
text/html

3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash

Request headers

Referer: https://secure.bywinona.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-type: text/html
date: Fri, 22 Nov 2024 04:59:13 GMT
server: Kestrel
vary: Accept-Encoding

Redirect headers

content-length: 40
date: Fri, 22 Nov 2024 04:59:13 GMT
location: https://match.adsrvr.org/track/upb/?adv=2x0ys7s&ref=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&upid=n2lgo3z&upv=1.1.0&paapi=1
server: Kestrel

GET
H/1.1 200
OK update Show response
app.cybba.solutions/event/3001/ 79 B
448 B 539ms
119ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/3001/update?data=%7B%22userId%22%3A%227542898917725797%22%2C%22type%22%3A%22update%22%2C%22lastVisitDate%22%3A1732251552140%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_bqstore=0&_ts=78488414

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/3001/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

03e0622be5231e8bb465aacc67e37d3ad9b3634b1bbe58cf7b9c68c6ccb93271

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Cache-Control: no-cache
x-process-time: 0.0007755756378173828
Connection: close
Expires: Fri, 22 Nov 2024 04:59:12 GMT
Content-Length: 79
Date: Fri, 22 Nov 2024 04:59:13 GMT
Content-Type: text/javascript;; charset=utf-8
Server: nginx, nginx
X-Frame-Options: SAMEORIGIN

POST
H2 204 x
distillery.wistia.com/ 0
0 621ms
115ms Fetch 13.225.63.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://distillery.wistia.com/x
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.63.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-63-80.ewr53.r.cloudfront.net
Software: envoy /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://secure.bywinona.com/

Response headers

cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 1
via: 1.1 ab3cd7cfdd9d5cf21e29b3ffd33aa170.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-id: 1Fe2ylfk-kU91nTp7uGrOFFX5ubCJmTSoqZ7VmtmF-480POT4glb6w==
date: Fri, 22 Nov 2024 04:59:13 GMT
x-amz-cf-pop: EWR53-C1
server: envoy

GET favicon.ce0531f.411665172b8e73f9c3dcf78056dfca8c.svg
bywinona.com/assets/static/ 0
0

GET
H2 204 unip Show response
trc-events.taboola.com/1372602/log/3/ 0
635 B 527ms
172ms XHR
text/plain 141.226.224.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1372602/log/3/unip?en=pre_d_eng_tb&tos=1677&scd=0&ssd=1&est=1732251551947&ver=36&isls=true&src=i&invt=1500&msa=4830&rv=1&tim=1732251553624&vi=1732251551943&ri=492005c52c7cfa21944c87839b213db8&sd=v2_046cf887cf5b9c039c3e2900610d86b5_7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520_1732251552_1732251552_CNawjgYQuuNTGMeR9JG1MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520&ref=null&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://secure.bywinona.com/

Response headers

access-control-allow-origin: https://secure.bywinona.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Fri, 22 Nov 2024 04:59:14 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1372602/log/3/ Frame 0
0 550ms
163ms Preflight 141.226.224.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1372602/log/3/unip?en=pre_d_eng_tb&tos=1677&scd=0&ssd=1&est=1732251551947&ver=36&isls=true&src=i&invt=1500&msa=4830&rv=1&tim=1732251553624&vi=1732251551943&ri=492005c52c7cfa21944c87839b213db8&sd=v2_046cf887cf5b9c039c3e2900610d86b5_7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520_1732251552_1732251552_CNawjgYQuuNTGMeR9JG1MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520&ref=null&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://secure.bywinona.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://secure.bywinona.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Fri, 22 Nov 2024 04:59:14 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

GET
H2 200 blank.gif
fast.wistia.com/assets/images/ 1 KB
2 KB 105ms
105ms Image
image/gif 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fast.wistia.com/assets/images/blank.gif

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

etag: "fbdc4ed9a1e2ee4917a265306927bcf1"
age: 2899
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:13 GMT
last-modified: Wed, 10 May 2023 19:48:54 GMT
x-served-by: cache-iad-kcgs7200077-IAD, cache-yyz4542-YYZ
x-cache-hits: 5083849, 89
content-type: image/gif
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251554.681213,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1214
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 58kkg9cpad.m3u8 Show response
fast.wistia.com/embed/medias/ 1 KB
2 KB 123ms
121ms XHR
application/x-mpegurl 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/embed/medias/58kkg9cpad.m3u8

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/engines/hls_video.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

envoy /

Resource Hash

2112fb0d8dd694ab9d0d764c0d8513e175da663ae6012d2f44c7acff866275b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

x-request-id: 6626510d-1800-4a26-b683-960c13c3a5ab
etag: W/"2112fb0d8dd694ab9d0d764c0d8513e1"
age: 0
x-permitted-cross-domain-policies: none
x-content-type-options: nosniff
x-cache: Miss from cloudfront, HIT, MISS
x-amz-cf-id: RdurWq8B_jUKC99gG3BqBr2PnkV_UQx5J0ffXYWKaboYr-y35RdbxA==
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: application/x-mpegURL
x-served-by: cache-iad-kjyo7100036-IAD, cache-yyz4542-YYZ
x-runtime: 0.031641
x-cache-hits: 0, 0
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
cache-control: public, no-cache
timing-allow-origin: *
x-envoy-upstream-service-time: 33
x-timer: S1732251554.688913,VS0,VE54
via: 1.1 faa43279a53f7a194aba33a9a9e24078.cloudfront.net (CloudFront), 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1138
x-amz-cf-pop: MIA3-C4
server: envoy

GET
H2 200 a3591ba5e949a37083cc6f5a4191e903.min.js Show response
js.sentry-cdn.com/ 3 KB
2 KB 205ms
25ms Script
text/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5604f89c64aba66552a32208befc440a4b39378dfa83097d34bf27264ac53693

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; media-src ; img-src blob: data:; frame-ancestors 'self' .sentry.io; base-uri 'none'; connect-src 'self' .algolia.net .algolianet.com .algolia.io sentry.io .sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src 'unsafe-inline'; object-src 'none'; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; worker-src blob:; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=9c5b321f8d3d1e126246cc3566eb2345906aa9a6
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

content-encoding: gzip
age: 56
x-envoy-attempt-count: 1
x-content-type-options: nosniff
date: Fri, 22 Nov 2024 04:59:13 GMT
content-type: text/javascript
x-served-by: getsentry-web-default-common-production-9b47bf-hzwm9, cache-chi-klot8100079-CHI, cache-yyz4575-YYZ
vary: Accept-Encoding
x-frame-options: deny
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: script-src 'self' 'unsafe-inline' 'report-sample' s1.sentry-cdn.com js.sentry-cdn.com browser.sentry-cdn.com statuspage-production.s3.amazonaws.com static.zdassets.com aui-cdn.atlassian.com connect-cdn.atl-paas.net js.stripe.com 'strict-dynamic' cdn.pendo.io data.pendo.io pendo-io-static.storage.googleapis.com pendo-static-5634074999128064.storage.googleapis.com; media-src *; img-src * blob: data:; frame-ancestors 'self' *.sentry.io; base-uri 'none'; connect-src 'self' *.algolia.net *.algolianet.com *.algolia.io sentry.io *.sentry.io s1.sentry-cdn.com o1.ingest.sentry.io api2.amplitude.com app.pendo.io data.pendo.io reload.getsentry.net t687h3m0nh65.statuspage.io sentry.zendesk.com ekr.zdassets.com maps.googleapis.com; style-src * 'unsafe-inline'; object-src 'none'; font-src * data:; frame-src app.pendo.io demo.arcade.software js.stripe.com sentry.io; worker-src blob:; default-src 'none'; report-uri https://o1.ingest.sentry.io/api/54785/security/?sentry_key=f724a8a027db45f5b21507e7142ff78e&sentry_release=9c5b321f8d3d1e126246cc3566eb2345906aa9a6
cache-control: public, max-age=3600, s-maxage=60, stale-while-revalidate=315360000, stale-if-error=315360000
timing-allow-origin: *
x-envoy-upstream-service-time: 35
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1331
x-xss-protection: 1; mode=block

GET
H2 200 getuidj Show response
ib.adnxs.com/ 11 B
702 B 381ms
119ms Fetch
application/json 68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: d2rp1k1dldbai6.cloudfront.net
URL: https://d2rp1k1dldbai6.cloudfront.net/cybba_latest.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 166.0.205.39; 166.0.205.39; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: https://secure.bywinona.com
an-x-request-uuid: 7c8aef62-38a3-487a-86e7-84bdff441d72
content-length: 11
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Fri, 22 Nov 2024 04:59:14 GMT
x-xss-protection: 0
content-type: application/json; charset=utf-8
server: nginx/1.23.4

GET
H2 200 bundle.min.js Show response
browser.sentry-cdn.com/8.39.0/ 71 KB
25 KB 23ms
20ms Script
application/javascript 2a04:4e42:400::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://browser.sentry-cdn.com/8.39.0/bundle.min.js

Requested by

Host: js.sentry-cdn.com
URL: https://js.sentry-cdn.com/a3591ba5e949a37083cc6f5a4191e903.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f578c4f114d4bfc44eb9902334fec400860490ab26a721e6d774897a23916fdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer: https://secure.bywinona.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: public, max-age=31536000
content-encoding: gzip
etag: "431f46ac71a1762e057e01e0156fa147"
age: 217389
expires: Wed, 19 Nov 2025 16:36:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 24922
date: Fri, 22 Nov 2024 04:59:13 GMT
last-modified: Tue, 19 Nov 2024 15:45:09 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: Fastly

GET
H/1.1 200
OK pageview Show response
app.cybba.solutions/event/3001/ 79 B
448 B 523ms
203ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/3001/pageview?data=%7B%22userId%22%3A%227542898917725797%22%2C%22type%22%3A%22pageview%22%2C%22url%22%3A%22https%253A%252F%252Fsecure.bywinona.com%252Fgoogle-1%22%2C%22generic%22%3A%7B%22itemId%22%3A%22CA%7CQuebec%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=97827624

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/3001/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

03e0622be5231e8bb465aacc67e37d3ad9b3634b1bbe58cf7b9c68c6ccb93271

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Cache-Control: no-cache
x-process-time: 0.0009477138519287109
Connection: close
Expires: Fri, 22 Nov 2024 04:59:13 GMT
Content-Length: 79
Date: Fri, 22 Nov 2024 04:59:14 GMT
Content-Type: text/javascript;; charset=utf-8
Server: nginx, nginx
X-Frame-Options: SAMEORIGIN

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 201ms
200ms Fetch
text/plain 2600:9000:266a:2600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:2600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://secure.bywinona.com/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: 9KGvZtELdmbWuHf2UA4v5I4RwE_7QGb5Ew8KNQGX46bVmPCFCuNwow==
date: Fri, 22 Nov 2024 04:59:14 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: JFK52-P5
server: envoy

GET
H2 200 allIntegrations.js Show response
fast.wistia.com/assets/external/ 55 KB
14 KB 143ms
142ms Script
text/javascript 2a04:4e42::644
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://fast.wistia.com/assets/external/allIntegrations.js

Requested by

Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::644 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0b911f906767c575b0b47f8bd25ad40348b46106453ae69baab740022ad997cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://secure.bywinona.com
Referer

Response headers

content-encoding: br
etag: "b888c81c9413c3d23bc08a6a8bb6d162"
age: 1940
access-control-allow-methods: GET, HEAD
x-cache: HIT, HIT
date: Fri, 22 Nov 2024 04:59:14 GMT
last-modified: Thu, 21 Nov 2024 21:27:47 GMT
x-served-by: cache-iad-kiad7000122-IAD, cache-yyz4542-YYZ
x-cache-hits: 40, 46
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=0
cache-control: public, max-age=3600
timing-allow-origin: *
x-timer: S1732251555.530461,VS0,VE0
via: 1.1 varnish, 1.1 varnish
x-browser: chrome
x-ecma-v: modern
x-browser-version: 130
accept-ranges: bytes
access-control-allow-origin: *
content-length: 14217
asset-version: b9a2c2c9092cb3ea1060dc261f4d49b395c6f5c3
server: AmazonS3
x-amz-server-side-encryption: AES256

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
283 B 81ms
80ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure.bywinona.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://secure.bywinona.com
Date: Fri, 22 Nov 2024 04:59:14 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H/1.1 200
OK generic Show response
app.cybba.solutions/event/3001/ 79 B
448 B 342ms
96ms Script
text/javascript 138.197.61.175
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://app.cybba.solutions/event/3001/generic?data=%7B%22userId%22%3A%227542898917725797%22%2C%22type%22%3A%22generic%22%2C%22generic%22%3A%7B%22event_name%22%3A%22zandruid%22%2C%22itemId%22%3A%220%22%7D%2C%22device%22%3A%22desktop%22%7D&callback=_vtsdk.eventApi.callbackEvent&_ts=43440310

Requested by

Host: files1.cybba.solutions
URL: https://files1.cybba.solutions/3001/loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

138.197.61.175 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),

Reverse DNS

Software

nginx, nginx /

Resource Hash

03e0622be5231e8bb465aacc67e37d3ad9b3634b1bbe58cf7b9c68c6ccb93271

Security Headers

Name	Value
Strict-Transport-Security	max-age=3600
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://secure.bywinona.com/

Response headers

Strict-Transport-Security: max-age=3600
X-Robots-Tag: noindex
Cache-Control: no-cache
x-process-time: 0.0008327960968017578
Connection: close
Expires: Fri, 22 Nov 2024 04:59:13 GMT
Content-Length: 79
Date: Fri, 22 Nov 2024 04:59:14 GMT
Content-Type: text/javascript;; charset=utf-8
Server: nginx, nginx
X-Frame-Options: SAMEORIGIN

POST
H2 200 mput Show response
pipedream.wistia.com/ 2 B
328 B 279ms
277ms Fetch
text/plain 2600:9000:266a:2600:3:471f:5240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pipedream.wistia.com/mput?topic=metrics
Requested by: Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/allIntegrations.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:266a:2600:3:471f:5240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: envoy /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://secure.bywinona.com/

Response headers

x-envoy-upstream-service-time: 1
access-control-allow-methods: POST, OPTIONS
via: 1.1 ea917192c0be5d0a503335e41055eafe.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 2
x-amz-cf-id: vlubEembAULURyId7SMVXI0O2Nh8i996VLuvjQs75TM8CRMJoZ3dSw==
date: Fri, 22 Nov 2024 04:59:15 GMT
content-type: text/plain; charset=utf-8
x-amz-cf-pop: JFK52-P5
server: envoy

GET
H2 204 unip Show response
trc-events.taboola.com/1372602/log/3/ 0
634 B 174ms
174ms XHR
text/plain 141.226.224.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1372602/log/3/unip?en=pre_d_eng_tb&tos=4682&scd=0&ssd=1&est=1732251551947&ver=36&isls=true&src=i&invt=3000&msa=4830&rv=1&tim=1732251556630&vi=1732251551943&ri=492005c52c7cfa21944c87839b213db8&sd=v2_046cf887cf5b9c039c3e2900610d86b5_7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520_1732251552_1732251552_CNawjgYQuuNTGMeR9JG1MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520&ref=null&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&it=JS_PIXEL
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1372602/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Attribution-Reporting-Eligible: trigger
Referer: https://secure.bywinona.com/

Response headers

access-control-allow-origin: https://secure.bywinona.com
cache-control: no-cache
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
date: Fri, 22 Nov 2024 04:59:16 GMT
pragma: no-cache
server: nginx
access-control-allow-credentials: true

OPTIONS
H2 200 unip
trc-events.taboola.com/1372602/log/3/ Frame 0
0 156ms
156ms Preflight 141.226.224.48
TABOOLA-AS Tabool...

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1372602/log/3/unip?en=pre_d_eng_tb&tos=4682&scd=0&ssd=1&est=1732251551947&ver=36&isls=true&src=i&invt=3000&msa=4830&rv=1&tim=1732251556630&vi=1732251551943&ri=492005c52c7cfa21944c87839b213db8&sd=v2_046cf887cf5b9c039c3e2900610d86b5_7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520_1732251552_1732251552_CNawjgYQuuNTGMeR9JG1MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA&ui=7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520&ref=null&cv=20241116-3-RELEASE&item-url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&it=JS_PIXEL
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.48 , United States, ASN200478 (TABOOLA-AS Taboola.com ltd, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://secure.bywinona.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-origin: https://secure.bywinona.com
allow: GET, HEAD, POST, TRACE, OPTIONS
content-length: 0
date: Fri, 22 Nov 2024 04:59:16 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
server: nginx

POST
H/1.1 204
No Content collect Show response
a.clarity.ms/ 0
283 B 177ms
175ms XHR
text/plain 51.8.71.184
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.56/clarity.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 51.8.71.184 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/x-clarity-gzip
Referer: https://secure.bywinona.com/

Response headers

Request-Context: appId=cid-v1:9c7c879b-c51a-427e-9701-218438da5f81
Access-Control-Allow-Origin: https://secure.bywinona.com
Date: Fri, 22 Nov 2024 04:59:17 GMT
Vary: Origin
Server: nginx
Connection: keep-alive
Access-Control-Allow-Credentials: true

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.addevent.com
URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=1e595620-be95-4943-1ba9-3f8978f2ff32&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&cache=1732251551074

Domain: app.clickfunnels.com
URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=e9840506-33b7-43b6-8657-687e88ce150c&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1

Domain: app.clickfunnels.com
URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=39425687-3860-4a3e-b303-5c9517ff962a&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1

Domain: app.clickfunnels.com
URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=489102d1-02dd-46c9-8d3d-41158e169a88&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1

Domain: stagingapi.bywinona.com
URL: https://stagingapi.bywinona.com/clickfunnels

Domain: bywinona.com
URL: https://bywinona.com/assets/static/favicon.ce0531f.411665172b8e73f9c3dcf78056dfca8c.svg

Verdicts & Comments Add Verdict or Comment

445 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

53 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/taboolaaccount-roboutliantcom/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_046cf887cf5b9c039c3e2900610d86b5_7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520_1732251552_1732251552_CNawjgYQuuNTGMeR9JG1MiABKAEwJjiJ6AdA6vUHSKfL2QNQ____________AVgAYABo8a2EmsXU5ND6AXABgAEA
.secure.bywinona.com/	1970-01-21 01:10:53	Name: __cf_bm Value: Eusd82qxeZ987Pfz_fGwnzkpJsTaz8S6aeeo878TY_Y-1732251549-1.0.1.1-aVYBToNwE5Ydr2G44ax7AEQmjKmPql0bL1mZNmETaDrQXKxNiYFfK7gQMslNLwAZwf8Ilt4_6AvpggWk_i6Lqeqh25yw_bavrBs.B5Tjl1k
.secure.bywinona.com/	1969-12-31 23:59:59	Name: _cfuvid Value: .yjkLx1S5d.LeiVLk1JyzAUhzqm4Y8CoUlqwJ.OQo_8-1732251549162-0.0.1.1-604800000
.bywinona.com/	1970-01-21 03:20:27	Name: _gcl_au Value: 1.1.1065174452.1732251551
secure.bywinona.com/	1970-01-21 09:56:27	Name: addevent_track_cookie Value: 1e595620-be95-4943-1ba9-3f8978f2ff32
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:aff_sub2 Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:aff_sub3 Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:aff_sub Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:affiliate_id Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:cf_affiliate_id Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:content Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:medium Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:name Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:source Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:term Value:
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:NTM1NTE3MDE Value: :visited=true
secure.bywinona.com/	1970-01-21 09:56:27	Name: cf:visitor_id Value: b3526fc0-4a2e-4565-91ab-1200f06e0b70
www.clarity.ms/	1970-01-21 09:56:27	Name: CLID Value: 6744103728ca4af994d7ffd5e0226b8f.20241122.20251122
.bywinona.com/	1970-01-21 09:56:27	Name: _clck Value: 62snzz%7C2%7Cfr3%7C0%7C1787
.secure.bywinona.com/	1969-12-31 23:59:59	Name: _vt_shop Value: 3001
.taboola.com/	1970-01-21 09:56:27	Name: t_gid Value: 7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520
.taboola.com/	1970-01-21 09:56:27	Name: t_pt_gid Value: 7b715c0f-8d8c-49b6-abf6-84268af57f1f-tucte399520
.taboola.com/	1970-01-21 09:56:27	Name: receive-cookie-deprecation Value: 1
secure.bywinona.com/	1970-01-21 01:10:51	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1732251552462%7D
.doubleclick.net/	1970-01-21 10:46:51	Name: IDE Value: AHWqTUmE5RAzivCptrM4XXoRKQdmz7g_BW1oDy0IKkFvZSRsWm9UolqTmdmuTMga
.t.co/	1970-01-21 10:46:51	Name: muc_ads Value: 7678bd25-2c3a-43f3-bd80-240971089ccf
.t.co/	1970-01-21 01:10:53	Name: __cf_bm Value: AsTUlCitWpQ0g08EYf1hKmLcjHbAn9yndpv_.PW.Ibo-1732251552-1.0.1.1-krHRVsHly7jwnIHelzcDD8d.a8PFizU5KdbrHZQMBhJGZn_JQOV8xI.W7udCte8FAdxTC4l2kZ5FSH32CCZk9g
.twitter.com/	1970-01-21 10:46:51	Name: guest_id_marketing Value: v1%3A173225155254948664
.twitter.com/	1970-01-21 10:46:51	Name: guest_id_ads Value: v1%3A173225155254948664
.twitter.com/	1970-01-21 10:46:51	Name: personalization_id Value: "v1_e/qTzRaKXe6nKyqbdJF71g=="
.twitter.com/	1970-01-21 10:46:51	Name: guest_id Value: v1%3A173225155254948664
.bywinona.com/	1970-01-21 01:12:17	Name: _clsk Value: 1vp26ix%7C1732251552719%7C1%7C1%7Ca.clarity.ms%2Fcollect
.secure.bywinona.com/	1970-01-21 09:56:27	Name: _vt_user Value: 7542898917725797_1_false_false_false_false_0
secure.bywinona.com/	1969-12-31 23:59:59	Name: is_eu Value: false
secure.bywinona.com/	1970-01-21 09:56:27	Name: 3r84hcr2dubnpsk9 Value: true
secure.bywinona.com/	1970-01-21 09:56:27	Name: 11914323_viewed_1 Value: 1
.clickfunnels.com/	1970-01-21 01:10:53	Name: __cf_bm Value: 4Ugp63fxaBEe7SJ2cintHvMR4UgFIxvIyB0dt9NFxOg-1732251553-1.0.1.1-j5DNrQ3g7my9988Q5npzJhk5BQBMjDw64QLn3fCGFbiPeZNRwONRgzR5KJIz_0NjoSYO1XXX23vYeG3q_TWAaqkTI1QalHNHazCCVzJsypQ
.clickfunnels.com/	1969-12-31 23:59:59	Name: _cfuvid Value: Ys3It6Ao_6z56TzmYnTuJ4Zmr1FpYNp2kq_FDJh47gU-1732251553474-0.0.1.1-604800000
.adsrvr.org/	1970-01-21 09:56:27	Name: TDID Value: 011a92c0-6ab4-4eba-af52-7c57768659a4
.bywinona.com/	1970-01-21 01:11:34	Name: CYB_ID Value: 7542898917725797
.bing.com/	1970-01-21 10:32:27	Name: MUID Value: 26A50DFF219C61F118E718C0204A6063
.c.bing.com/	1970-01-21 01:20:56	Name: MR Value: 0
.c.bing.com/	1970-01-21 10:32:27	Name: SRM_B Value: 26A50DFF219C61F118E718C0204A6063
.adnxs.com/	1970-01-21 10:46:51	Name: receive-cookie-deprecation Value: 1
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-21 10:32:27	Name: MUID Value: 26A50DFF219C61F118E718C0204A6063
.c.clarity.ms/	1970-01-21 01:20:56	Name: MR Value: 0
.c.clarity.ms/	1970-01-21 01:10:52	Name: ANONCHK Value: 0
.rubiconproject.com/	1970-01-21 09:56:27	Name: audit_p Value: 1\|NmkQ5/x6CIkLMqceO5z6BRxeg2XLMNOdCKh/SVnIRcIQ1nTWsk2hDdF64/EywGb/+m55fTu8UMEwHTRO1/p4iHX0qfg68IpFQAPcN3ARK87oZVpP8FOfTNWkx5S0VwkQmUFddAcdacR980/gqsQWg0DnK37CyCg3YSzZt2343ZDREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.rubiconproject.com/	1970-01-21 09:56:27	Name: khaos Value: M3S9ULXK-1P-3RBD
.rubiconproject.com/	1970-01-21 09:56:27	Name: khaos_p Value: M3S9ULXK-1P-3RBD
.rubiconproject.com/	1970-01-21 09:56:27	Name: audit Value: 1\|NmkQ5/x6CIkLMqceO5z6BRxeg2XLMNOdCKh/SVnIRcIQ1nTWsk2hDdF64/EywGb/+m55fTu8UMEwHTRO1/p4iHX0qfg68IpFQAPcN3ARK87oZVpP8FOfTNWkx5S0VwkQmUFddAcdacR980/gqsQWg0DnK37CyCg3YSzZt2343ZDREvsM2ra73MRmS8gGs6ylTlon0IrnE1p4+byUJuUHKNl4Am3SUH3rwETMVR8lnVPictVKI3nW/ZSmfFa9k+2RfCCm1vF3Tgn8ih/oL8+08tuVaVkDFDbShAUs62yL6R/QD5U7tEfUTQ==
.adsrvr.org/	1970-01-21 09:56:27	Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwj2wM2Tjq_FPRAFEhYKB3J1Ymljb24SCwjG6s2Tjq_FPRAFEhUKBmdvb2dsZRILCNjr3JyOr8U9EAUYBSACKAMyCwiWndDApK_FPRAFQg8iDQgBEgkKBXRpZXIzEAFaBzJ4MHlzN3NgAQ..

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://track.addevent.com/atc/?trktyp=jsinit&trkcal=&guid=1e595620-be95-4943-1ba9-3f8978f2ff32&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1&cache=1732251551074 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	error	URL: https://secure.bywinona.com/google-1 Message: Access to XMLHttpRequest at 'https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=e9840506-33b7-43b6-8657-687e88ce150c&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1' from origin 'https://secure.bywinona.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::PageviewsCreatedSummary&nonce=e9840506-33b7-43b6-8657-687e88ce150c&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1 Message: Failed to load resource: net::ERR_FAILED
javascript	warning	URL: https://proxy.bywinona.com/?url=https://static.legitscript.com/seals/8131176.js&_=1732251551121(Line 1) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://proxy.bywinona.com/?url=https://static.legitscript.com/seals/8131176.js&_=1732251551121(Line 2) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	warning	URL: https://proxy.bywinona.com/?url=https://static.legitscript.com/seals/8131176.js&_=1732251551121(Line 3) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
javascript	error	URL: https://secure.bywinona.com/google-1 Message: Access to XMLHttpRequest at 'https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=489102d1-02dd-46c9-8d3d-41158e169a88&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1' from origin 'https://secure.bywinona.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniqueVisitorsCreatedSummary&nonce=489102d1-02dd-46c9-8d3d-41158e169a88&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://secure.bywinona.com/google-1 Message: Access to XMLHttpRequest at 'https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=39425687-3860-4a3e-b303-5c9517ff962a&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1' from origin 'https://secure.bywinona.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://app.clickfunnels.com/userevents/?funnel_id=MVpWWkpsMGZCd3lNWm1WNkh3UUN3QT09LS1nQWdxOFgxRXdCVFdqMDVRRUZqZGNBPT0%3D--47f9a1ba0f2e2561aa4ea91fd9da6f03e7e770ed&page_id=aUUzQlBrekQrcUJZaU5yaUpySUFiZz09LS1YUEVjNmhlNGM3SDVONjljSDc0WXNRPT0%3D--06bf252ea886e420b407afd7537f4ff03680cdb6&funnel_step_id=QUJlTm9RbW9kVmlYL0Y1ZG5OUHJsZz09LS1qamFtZ3g3Tmw3clBwMkwySk0xdVpRPT0%3D--387f8130f27e205de62ca943a2934c861f3ce0a5&user_id=TDE4c1Jac1lIQU15bW5tUmdFakRGdz09LS10N3hMcHhsOHpQTyszWkdSWFBRbVBBPT0%3D--9e99bb73c733c154c114aa574c63c0d3287f783d&account_id=a2NmNGpVSnBXZ3YySmYwMm9sM3VwZz09LS1sK0FMTlprOThhREJmVEsvc3FyRGRRPT0%3D--f42d0d866a535536bac5c9780fc097058033db84&page_code=NTM1NTE3MDE%3D&mode_id=1&time_zone=America%2FChicago&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1600&type=Userevents::UniquePageviewsCreatedSummary&nonce=39425687-3860-4a3e-b303-5c9517ff962a&url=https%3A%2F%2Fsecure.bywinona.com%2Fgoogle-1 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://secure.bywinona.com/google-1 Message: Access to XMLHttpRequest at 'https://stagingapi.bywinona.com/clickfunnels' from origin 'https://secure.bywinona.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://stagingapi.bywinona.com/clickfunnels Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.clarity.ms
amplify.outbrain.com
analytics.twitter.com
app.clickfunnels.com
app.cybba.solutions
assets.clickfunnels.com
browser.sentry-cdn.com
bywinona.com
c.bing.com
c.clarity.ms
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
d2rp1k1dldbai6.cloudfront.net
d2saw6je89goi1.cloudfront.net
distillery.wistia.com
embed-ssl.wistia.com
fast.wistia.com
files1.cybba.solutions
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
insight.adsrvr.org
js.adsrvr.org
js.sentry-cdn.com
match.adsrvr.org
monetize.zeeto.io
p.xad.com
pipedream.wistia.com
pips.taboola.com
pm.geniusmonkey.com
pro.ip-api.com
proxy.bywinona.com
psb.taboola.com
secure.bywinona.com
stagingapi.bywinona.com
static.ads-twitter.com
static.cloudflareinsights.com
static.legitscript.com
t.co
td.doubleclick.net
themes.audemedia.com
tr.outbrain.com
track.addevent.com
trc-events.taboola.com
trc.taboola.com
use.fontawesome.com
wave.outbrain.com
winona-shareasale-bucket.s3.ap-southeast-1.amazonaws.com
www.clarity.ms
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.rtb123.com
www.welkdtkr.com
app.clickfunnels.com
bywinona.com
stagingapi.bywinona.com
track.addevent.com
104.118.9.170
104.244.42.195
108.138.106.62
108.139.33.128
13.225.63.80
138.197.61.175
141.226.224.48
141.226.230.50
142.251.40.162
146.75.32.157
151.101.1.44
162.159.140.229
20.110.205.119
23.51.57.192
2600:9000:21b8:d000:1e:c86:4140:93a1
2600:9000:2511:b400:d:87ae:bb80:21
2600:9000:266a:2600:3:471f:5240:93a1
2600:9000:28b2:a600:f:17d2:4240:93a1
2606:4700:10::6816:2971
2606:4700:3036::6815:1955
2606:4700:3036::6815:1b98
2606:4700:3037::6815:883
2606:4700::6810:10c2
2606:4700::6810:4f49
2606:4700::6810:dc2
2606:4700::6811:190e
2606:4700::6812:1122
2607:f8b0:4006:808::2004
2607:f8b0:4006:809::2002
2607:f8b0:4006:81c::2003
2607:f8b0:4006:81d::2003
2607:f8b0:4006:81e::200a
2607:f8b0:4006:824::2002
2607:f8b0:4006:824::2008
2620:1ec:bdf::40
2620:1ec:c11::237
2a02:6ea0:c454::1
2a04:4e42:400::729
2a04:4e42::644
3.33.220.150
3.5.151.180
34.117.190.90
34.117.40.88
38.91.101.241
51.8.71.184
67.225.220.126
68.67.179.166
70.42.32.31
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
026809f4b65e06bcdd4774e0d1cfd6c1dd604327d977596694ebf2855c7fcdfa
03e0622be5231e8bb465aacc67e37d3ad9b3634b1bbe58cf7b9c68c6ccb93271
09586b30e129551d5c64e49feb38334bd0b4549730126f3a48994d84c57d389c
0b911f906767c575b0b47f8bd25ad40348b46106453ae69baab740022ad997cd
0cd4930a18f333e0d24cab89dd9d28d0ea8de8f0a7ee4b2f129ea35d90dfd6e5
0d1c5ba4b29db42dadf61f9e7304331fa835fe732bbb02822ada17a9a63c215f
0ed1e559090da837699d0bed4f0cd9a5555010b3b4bfe773fdcc9ce146f051a7
10395cb0998d2e638b426209f0c361d6694d751d96b1547d594e7593a6199e66
11c36db93cff1537401a6746864e14c6bce12c76f23bef1237d1f3b70712b073
12223e6f38bc18d2044fd6fe555901faf8c7975d5b4a83509f34b974eb15c660
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
137bfcbb5307bc5426ffba2cccf4ab54a72a156d83ec785b15dd167990f30f07
14328f67af6b839ac4f57c7e5c2b32ef51e9d2d0f6532731120d1c989f8476f2
150195ae6cf4ac5ea0f5abf98a010fd4f3a1a01454809bd3270675db576dbc4b
156733bf5683ef44655ddc848f0e5d608570e158d20ab8e3fbd3d766cea7add7
1716c14aa90e398d730cbe42d76cf8ca3902f23c24f811bf2eb86ba515eba110
17c34655fce786775ef841e0cf3550c14d9bb3dec6530095afbc2ae7945ef81e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
2112fb0d8dd694ab9d0d764c0d8513e175da663ae6012d2f44c7acff866275b7
2f32df7e551db7b61e5a7eb1b3b5064a32960109c9fca02e0aadc607d8e12833
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31cd4ae71f69ea5e871149680ccd55afca9760d99289699eab09f9778efc3a64
352dbf0c3c7bf397d1279c250d775fba58370626da4110da258a09ee49f5ac31
37947ef5beff1b69d4fb1f3bcc12a62941e2245685824b00b06f2be97fc40ef7
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3caaac450c0a2cbc4723121b43daceb699d8ef69c69e31ec4b30e12463fd6a1a
3ec7791fd91e00ee21de3a1e5c5b7ddbf39247b89aec4e826a51b304ae857f70
431c49ed52512fea5e4ebed8b7d7fe07ee0c45798b43db4569a70cb8cdb3e0a4
4c8addf87a0f618eb2667f655f4f3032c76592cfe3c41752f7e5bff10667f14a
4eaa4c1099c55645f51cdb78ab5378cded2bc4c3276f181a3f97b5baa896b812
5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
53f788ed832f99253f455ba04668e192fcb4b2169fe7b3002882a03d094e0ae0
5604f89c64aba66552a32208befc440a4b39378dfa83097d34bf27264ac53693
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5a5a47c83114f65dc9fd38cdf422e2eeded555162d7a1993bd336dd0dc8eb271
6050c17b5ff5c36dea39c82caf37d6c525d36bed9f615e8c36220bb56580a22f
661af507d7ef77b9c68d8e3a5afffcb3e0f55a43e73f15bb75e10ec76bc4f26e
6643f2c67fba4bfe40a1533d5478cb4d6b3cc75913ac0ab99cca7a954bcb72f2
695a59749e55f42dd1725fc088f71b3fe1f201a45ec511a2c116b09d56b68719
6a1e89cf2a00dd223f860275d0fc5f3ada80cc0f624784a8d7c9a48a8045e98c
6c0c89040b747a9706e1c41055d4fb36e939a1d31c6ef19fec964b67ace97f91
6c605cd8200aa8a5c4bc598d63e40a8ef787b690be85abc69072a47904ab3099
6d0291f90718dc0537f65dc6a4f68d8e75f0a8a3a0b62836d9cf41350ecaf552
7102c43027122899b2181135e0db342953478de7c991a8bbd8f4c64ebdad56da
7422e50efbaea439fda7ef3b0eb54ee1a9fe73ea2f919d78a33bf6fb9e3e059d
75a3f0e1bf41956f9b43ae87a5234dbcf7b5b9436dd8cecf97b0d947d26c0311
75f591f96b4115b1e2cef4933628c5d568b7cddb3a2a4a42252dba641c19cc0f
7906b715621d83a00b09188cba089f2b80a9120ea8727ab9c7570fce5c0694d3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7ee8818c4f9b2d770f286bf85510048ca3a4c6db2a351a067865c5625616decd
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
80243c0eeae689869de0f927a5190edbab922099052163d422112b7fb437c1b6
810394a8b51fe4ee67d68344a8e66a226778dfe3f468eaf858c91f6143f436ce
82f561b6e6c19954083879d8f9f43f55f919945a905f5c5292a0a3ecb8b58122
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8a76046a37f69c1cd9542ced7aea76e1008d79bc6c44555a6cf6b1b90a92542e
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94b9f16eae5849411753aee9e74cf8356f1c16798bdfdfb1cda2150e7917d191
9522e36418c8c475c7ef99b1bc2e650fc366cc49dc74c87af37e61a81afd5901
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af6f04b4f872675a365b6f973db29b0ecc7614781f6d8fda6e77e5646f998aa
9d29abe7e0b594f91bc2677c11092145d29725dc298de388923d7cc73931f526
a00307bb2e8f5e6c3ed30ecc498f0c8e3e894f24d51c29e6fc8c71fb496701bb
a1e2e41528228f74af5ca262f7c91963497c1b2ab1bab3f955b42eb028c4b62e
a696b734193371073510c87df68430499c2f424ad3f7be42f586dc6aff78567b
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
ab81e2510fa17954c2f46cda1b96ab611c03d80b01e5a24fc5f6204d2d25cff9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad2ac999523a38bad81640c47b1909f6cad26a42b908eb3d6f4c1225a42cdf0d
af485050843f22da2878e5f246688035e9e3c9f2b77fa80f8e783b049d73fff4
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
b588e88a3aac5d178c6bcf2733ec38d55fedcc5165cbeec5c5fd5f95cc475571
b5dda242191ad57ada8dd627c60931eb738c7ced9ec7943bc58d5e25b854cfde
ba599b9f3a66b4fe9e7f74741aeb93aeea2a3422b085af669e9efd30cc482d3e
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bece930de6f9ca43f53f17d7b71e9b7bb9687370f18a7a010df22f2b6294f23a
c0ff8c1d10a080c556a2cb9ad98f2da4326cd79b2be346e1e8daf9925214545b
c167c376f9bccde8e49bdb4c52b145eb2b247b696fb77445ced25501b0721f49
c17630b891f710ddcc916b4e2b124489b25a87f5a0d33a819d873ae900e451aa
c9c5add388727e1a07d7b9d6a8e9396c63cc2a73347448962b88f3c58a15b03b
cd398be1a91817126cef10224738e624358edf6f08043abad7e60c1aaeccc8d0
ce4713849d78c0738610568972ecebeb8eb8e62b5bc779a962930509a5807cf1
cfaf5adc8b86566df387aeed7506207c5188758a27c5fce60ea0c8fe9c6474b1
d2ee122b70efe682a08cbe6f313d58ad950aa1558ca8fe2b8f14313496d56544
d4963b8afebfa0063b5d17b4c80f49bce702a37ea5c9b91bb3c996bb9dea4b60
dc1da692990307185621fd661b7305e29d3a0a5ba0f0d998e5a1463a17c57044
de7879a56a1ac6451486623134710ea8426543c93ee989dd2cf42879fbbe116f
deb2cd9db4e16675713653b7f2804eabac1340bcfc1ed46a1435684a4257875a
e0f3de2aa55d94a81494a0e4b786df4229d2af8601902c797076aa5b572bfb24
e1f15f13ac2b9e5a71e71035f928052ed83e67d1e5e36ed6a8c81fd886dcb1a2
e2d219940c2822453da60084dbc5748e359d4f093c83f7d45f271ff14c1ed431
e37dcb6f734d00d75a25fbf066e04283dbc5167fef68c8bff5e0977b83a3f3ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e573b6d8ac35818ade8c034c3df8c0313958a764d06b17a3622f26d5eee15ddc
e7112b70eed95d42b178135728e6153e34f07001827870748de87cd7dec3538e
e77381a3268bdf34ef744569ebb9f46036be9310e3a03d8a6c6675a4e49ad155
ecbbde11ff3f17cd82fe6d7776037f44ee3946073bfef95378f0dc9b17b7415d
ecf11aca5daf62f8506adf2934e052d8450ffea7ba3f978015f4532f09d3ff01
ed105cff5f1772ca4ec0f4e6175ac2f7e9f69da03d176ca8259e53210031188d
eedfa5a3721da1ef7bb3ecae5b1ca569bfa9e66aa6a85363f96b70d3cbc76dfa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f501555fd323da0a4b92f5cdeb803d183108382b6474e907b7f02b0b2807642a
f575c3f79fd5e1d2232a7a42ed0bb5c7fd8fe1838e7f86d535e57a3d60f40ab4
f578c4f114d4bfc44eb9902334fec400860490ab26a721e6d774897a23916fdd
f7464960133d530dfa52ce0ab9a5c33f0a709a946ad16298b000a7560738f422
f8807e6c77fbc5b04ec51260854bf0e5cc43741f9deeb3a155459d54a27c7987
f94dbdd607cbb8890e47e6691efb16cc0a87acf95e54b483df60f19adc950c38
f9ea519bc110d0ca5575af9d9bac96b65e553e446c23a1bd20b61beae2734774
fa64be7e67aeedc05d88ad037251e9ee7ab5a640c3d924e55fb72a498adbf255
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fc69d8bcedfcec6176b0c92180b87567868e03fdcd5845d4d295aec4b8794e85
fd9f317167bec2205264dc16b5b969614577da1095908b454f4af1d6cb009b92

secure.bywinona.com Open in urlscan Pro 2606:4700::6810:10c2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

154 Requests

94 %HTTPS

52 %IPv6

35 Domains

57 Subdomains

48 IPs

3 Countries

3700 kBTransfer

9267 kBSize

53 Cookies

11 Outgoing links

Page URL History

Redirected requests

154 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

secure.bywinona.com Open in urlscan Pro
2606:4700::6810:10c2 Public Scan

Screenshot
Live screenshot

Full Image

154
Requests

94 %
HTTPS

52 %
IPv6

35
Domains

57
Subdomains

48
IPs

3
Countries

3700 kB
Transfer

9267 kB
Size

53
Cookies

154 HTTP transactions
2 data transactions