p.a2lmo8v1r.xyz Open in urlscan Pro
2606:4700:3031::6815:1c7e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://p.a2lmo8v1r.xyz/
Submission: On December 28 via api (December 28th 2023, 5:04:55 pm UTC) from US — Scanned from US

Summary HTTP 76 Redirects Links 63 Behaviour Indicators

Summary

This website contacted 21 IPs in 1 countries across 17 domains to perform 76 HTTP transactions. The main IP is 2606:4700:3031::6815:1c7e, located in United States and belongs to CLOUDFLARENET, US. The main domain is p.a2lmo8v1r.xyz.
TLS certificate: Issued by GTS CA 1P5 on November 25th 2023. Valid for: 3 months.

This is the only time p.a2lmo8v1r.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3031::6815:1c7e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:303... 2606:4700:3033::6815:2fe9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:50c0:800... 2606:50c0:8002::153	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4004:c09::5f	15169 (GOOGLE) (GOOGLE)
13	2600:1408:c40... 2600:1408:c400:2c::17de:48b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.207.125 13.32.207.125	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1	13.225.195.6 13.225.195.6	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c07::61	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3034::ac43:8462	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.226.151.233 35.226.151.233	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:250... 2600:9000:250b:3000:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:20e... 2600:9000:20e2:be00:f:b2f5:a240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.116.146.56 18.116.146.56	16509 (AMAZON-02) (AMAZON-02)
1 2	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::5e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c08::8a	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c1d::9a	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20a... 2600:9000:20aa:c000:f:9de7:2240:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1408:c40... 2600:1408:c400:2c::17de:48f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
76	21

2 2606:4700:3031::6815:1c7e (United States)

ASN13335 (CLOUDFLARENET, US)

p.a2lmo8v1r.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:3033::6815:2fe9 (United States)

ASN13335 (CLOUDFLARENET, US)

autoimmunewellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:50c0:8002::153 (United States)

ASN54113 (FASTLY, US)

necolas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c09::5f (Ashburn, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2600:1408:c400:2c::17de:48b (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.207.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-207-125.iad66.r.cloudfront.net

daks2k3a4ib2z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-6.yul62.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3034::ac43:8462 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

autoimmune-paleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.226.151.233 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 233.151.226.35.bc.googleusercontent.com

aiwellness.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:250b:3000:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20e2:be00:f:b2f5:a240:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.116.146.56 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-116-146-56.us-east-2.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::61 (Washington, United States) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::5e (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c08::8a (Ashburn, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c1d::9a (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20aa:c000:f:9de7:2240:93a1 (United States)

ASN16509 (AMAZON-02, US)

form.flodesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1408:c400:2c::17de:48f (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	autoimmunewellness.com autoimmunewellness.com	13 MB
14	typekit.net use.typekit.net — Cisco Umbrella Rank: 446 p.typekit.net — Cisco Umbrella Rank: 559	245 KB
6	flodesk.com assets.flodesk.com — Cisco Umbrella Rank: 18303 form.flodesk.com — Cisco Umbrella Rank: 26078	83 KB
3	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 587 www.google-analytics.com — Cisco Umbrella Rank: 27	18 KB
3	sharethis.com platform-api.sharethis.com — Cisco Umbrella Rank: 4380 buttons-config.sharethis.com — Cisco Umbrella Rank: 4860 l.sharethis.com — Cisco Umbrella Rank: 4541	47 KB
2	gstatic.com fonts.gstatic.com	52 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 988	70 KB
2	a2lmo8v1r.xyz p.a2lmo8v1r.xyz	22 KB
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 75	337 B
1	wpengine.com 1 redirects aiwellness.wpengine.com	124 B
1	autoimmune-paleo.com 1 redirects autoimmune-paleo.com	495 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	88 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 735	33 KB
1	cloudfront.net daks2k3a4ib2z.cloudfront.net	3 KB
1	github.io necolas.github.io — Cisco Umbrella Rank: 85155	3 KB
76	17

	Domain	Requested by
36	autoimmunewellness.com	p.a2lmo8v1r.xyz autoimmunewellness.com
13	use.typekit.net	p.a2lmo8v1r.xyz
3	form.flodesk.com	assets.flodesk.com
3	assets.flodesk.com	p.a2lmo8v1r.xyz assets.flodesk.com
2	fonts.gstatic.com	fonts.googleapis.com
2	ssl.google-analytics.com	1 redirects p.a2lmo8v1r.xyz
2	fonts.googleapis.com	p.a2lmo8v1r.xyz
2	maxcdn.bootstrapcdn.com	p.a2lmo8v1r.xyz maxcdn.bootstrapcdn.com
2	p.a2lmo8v1r.xyz	p.a2lmo8v1r.xyz
1	p.typekit.net
1	stats.g.doubleclick.net	p.a2lmo8v1r.xyz
1	www.google-analytics.com	www.googletagmanager.com
1	l.sharethis.com	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	aiwellness.wpengine.com	1 redirects
1	autoimmune-paleo.com	1 redirects
1	cdnjs.cloudflare.com	p.a2lmo8v1r.xyz
1	www.googletagmanager.com	p.a2lmo8v1r.xyz
1	platform-api.sharethis.com	p.a2lmo8v1r.xyz
1	code.jquery.com	p.a2lmo8v1r.xyz
1	daks2k3a4ib2z.cloudfront.net	p.a2lmo8v1r.xyz
1	necolas.github.io	p.a2lmo8v1r.xyz
76	22

This site contains links to these domains. Also see Links.

Domain
autoimmunewellness.com
www.facebook.com
instagram.com
www.pinterest.com
www.youtube.com
autoimmune-paleo.com
www.amazon.com
www.e-junkie.com
aipbatchcook.com
aipcertified.com
rachelpesso.com
alchemyandaim.com

Subject Issuer	Validity	Valid
a2lmo8v1r.xyz GTS CA 1P5	`2023-11-25` - `2024-02-23`	3 months	crt.sh
autoimmunewellness.com GTS CA 1P5	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.github.io DigiCert TLS RSA SHA256 2020 CA1	`2023-02-21` - `2024-03-20`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2023-11-30` - `2024-02-28`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-21` - `2024-10-21`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.flodesk.com Amazon RSA 2048 M02	`2023-06-03` - `2024-07-01`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://p.a2lmo8v1r.xyz/
Frame ID: DCFF6AA1FC367A99DB62C40FC1714EAE
Requests: 76 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Blog - Autoimmune Wellness

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

76
Requests

95 %
HTTPS

82 %
IPv6

17
Domains

22
Subdomains

21
IPs

1
Countries

14405 kB
Transfer

16047 kB
Size

7
Cookies

63 Outgoing links

These are links going to different origins than the main page.

URL: https://autoimmunewellness.com/

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/our-story/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/our-team/
Title: Our Team

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/category/articles-2/
Title: Features

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/awp/
Title: Our Podcast

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/about-aip/
Title: About AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/history-aip-movement-2011-to-present/
Title: The History of AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/stories-recovery-index/
Title: Stories of Recovery

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/kitchen-tour-index/
Title: AIP Kitchen Tour

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/diversity-aip-index/
Title: Diversity in AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-medical-research/
Title: AIP Medical Research

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/recipes/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/introducing-real-plans-a-customizable-aip-meal-planning-service/
Title: Meal Plans

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/resources/
Title: Resources

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/find-your-aip-community/
Title: Find Your AIP Community

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-in-2023-an-announcement-an-invitation/
Title: AIP in 2023: An Announcement & an Invitation!

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/autoimmunepaleo/
Title: Mickey Trescott

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-in-2023-an-announcement-an-invitation/#comments
Title: 4 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/a-special-message-from-angie/
Title: A Special Message From Angie

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/angiealt/
Title: Angie Alt

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/a-special-message-from-angie/#comments
Title: 26 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/budget-friendly-sheet-pan-chicken-thighs-and-veggie-roast/
Title: Budget-Friendly Sheet Pan Chicken Thighs and Veggie Roast

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/kris-king/
Title: Kris King

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/budget-friendly-sheet-pan-chicken-thighs-and-veggie-roast/#comments
Title: 3 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/youre-invited-to-join-the-aip-bipoc-community/
Title: You’re Invited to Join the AIP BIPOC Community!

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/jamie/
Title: Jamie Nicole

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/youre-invited-to-join-the-aip-bipoc-community/#respond
Title: leave a comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/flank-steak-with-basil-chimichurri/
Title: Flank Steak with Basil Chimichurri

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/erinshearer/
Title: Erin Shearer

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/flank-steak-with-basil-chimichurri/#respond
Title: leave a comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/bbq-chicken-wings/
Title: BBQ Chicken Wings

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/indira-pulliadath/
Title: Indira Pulliadath

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/bbq-chicken-wings/#comments
Title: 1 comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/pumpkin-spice-sauteed-apples/
Title: Pumpkin Spice Sautéed Apples

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/pumpkin-spice-sauteed-apples/#comments
Title: 1 comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/instant-pot-chicken-pho/
Title: Instant Pot Chicken Pho

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/instant-pot-chicken-pho/#comments
Title: 2 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/blog/page/2/
Title: < Older

Search URL Search Domain Scan URL

URL: https://www.facebook.com/autoimmunepaleo

Search URL Search Domain Scan URL

URL: https://instagram.com/autoimmunepaleo

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/autoimmunepaleo/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCYA6ubSj3PwMoxWytNL09tw

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/our-story/
Title: LEARN MORE>

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Autoimmune-Wellness-Handbook-Chronic-Illness/dp/1623367298/ref=as_li_ss_tl?ie=UTF8&qid=1468016861&sr=8-3&keywords=mickey+trescott&linkCode=ll1&tag=autoipaleo-20

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/apc

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/0692342907/ref=as_li_tl?ie=UTF8&camp=1789&creative=390957&creativeASIN=0692342907&linkCode=as2&tag=autoipaleo-20

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/ndk

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/realplans

Search URL Search Domain Scan URL

URL: https://www.e-junkie.com/ecom/gb.php?ii=1553056&cl=259920&c=ib&aff=331460

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/what-is-aip-the-definitive-guide/

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/awp

Search URL Search Domain Scan URL

URL: http://aipbatchcook.com/

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/category/articles-2/medical-science/

Search URL Search Domain Scan URL

URL: https://www.e-junkie.com/ecom/gb.php?ii=1511337&cl=257360&c=ib&aff=331460

Search URL Search Domain Scan URL

URL: https://aipcertified.com/

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/terms-of-service/
Title: TOS

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/equity-at-autoimmune-wellness/
Title: Equity

Search URL Search Domain Scan URL

URL: https://rachelpesso.com/
Title: RACHEL PESSO

Search URL Search Domain Scan URL

URL: https://alchemyandaim.com/
Title: ALCHEMY+AIM

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/wellness-bundle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://autoimmune-paleo.com/wp-content/uploads/2015/11/bundlepopup.jpg HTTP 301
https://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg

Request Chain 32

https://aiwellness.wpengine.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png HTTP 301
https://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png

Request Chain 51

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1798534973&utmhn=p.a2lmo8v1r.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog%20-%20Autoimmune%20Wellness&utmhid=1575180370&utmr=-&utmp=%2F&utmht=1703783088610&utmac=UA-39114596-1&utmcc=__utma%3D130211662.1658188591.1703783089.1703783089.1703783089.1%3B%2B__utmz%3D130211662.1703783089.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=702492836&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=1658188591.1703783089&jid=702492836&_v=5.7.2&z=1798534973

76 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
p.a2lmo8v1r.xyz/ 87 KB
21 KB 524ms
369ms Document
text/html 2606:4700:3031::6815:1c7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1c7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a8228547f5a0d01357ac44efd4789d69de3617e0a21a0a0b32155c8217733365

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 83cb62687c07182d-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 28 Dec 2023 17:04:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLQvTFxKG3SpRa0wx4Wy%2BHaPvcEhI0r3sD7OSiqEqv4ALQRNbeNoXpUbyWSaz89kww80XmAY69CC0SYGfnSdsD%2ByHv6Ff5vm%2BRdySxm16GMPyqqJoWr24fiQygCqRLIt8mfISRHHW9%2BOpciylr8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 autoptimize_2b19a8b06ce2d32a38f735474d78c557.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 61 KB
15 KB 195ms
24ms Stylesheet
text/css 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_2b19a8b06ce2d32a38f735474d78c557.css

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bf9f0a3979ff1eecc80fbb62abb7e3071a344c194e39d7b06362bdda7ca0628

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2348375
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 19:33:04 GMT
server: cloudflare
etag: W/"64aefff0-f593"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6e47JcUYYIjYw8UWa4hTclDrAxj6B1Hbq%2FLsB7gYJ94tMH7HQdU8bqVi3%2BzfuPDl%2Fk%2BdsWMTwrzcYOiqRES3VtEsRyu5EElhGMQVA%2Bf%2Fv4nBJCwiFx7wNXwCO7NY0rKmN1mTHT8lFzcCRfVNbAQHYwRYfbPL"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626be9e717bd-EWR

GET
H2 200 autoptimize_82c47d37cdceaa034a7502196837c4dc.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 807 KB
189 KB 393ms
222ms Stylesheet
text/css 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_82c47d37cdceaa034a7502196837c4dc.css

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72f42398709658d270987d46d4474ce31dff6514a4c924198483d93887b338c2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 16 Nov 2023 07:36:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6555c67d-c9c9b"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6f1eUQWjuqNFMrrZT5BJGjntyTzVxn1sDpQFgYUFAe38VfWbN4ldjzt9wNSYUktbinIt3UtRJGco80dVwoTn5f1SpCVTlx9vs6i6G9XJ0qWYZ7DMxJ1TOfN9MIehrE%2BAtI2GCADpU%2FHZx8ptpQtf6o2o1cmj"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626be9e817bd-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 normalize.css
necolas.github.io/normalize.css/3.0.2/ 8 KB
3 KB 116ms
38ms Stylesheet
text/css 2606:50c0:8002::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://necolas.github.io/normalize.css/3.0.2/normalize.css
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8002::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 6a16809f5b6512e0175c1bec627a342da46b34db
date: Thu, 28 Dec 2023 17:04:47 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 1
age: 248
x-cache: HIT
x-proxy-cache: MISS
content-length: 2605
x-served-by: cache-lga21927-LGA
last-modified: Mon, 05 Nov 2018 02:35:30 GMT
server: GitHub.com
x-github-request-id: 92CE:7499:2AC4EA:3A26ED:658D5050
x-timer: S1703783088.891264,VS0,VE1
etag: W/"5bdfac72-1e76"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
permissions-policy: interest-cohort=()
accept-ranges: bytes
x-origin-cache: HIT
expires: Thu, 28 Dec 2023 10:49:12 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 119ms
40ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718
age: 2456335
cdn-cachedat: 11/29/2022 01:44:14
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"0831cba6a670e405168b84aa20798347"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: ef9ffecc01e87d0916e00062c24f9f3b
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 83cb626b5db23344-EWR
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 11 KB
706 B 133ms
31ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,400italic,600,600italic,700,700italic,100italic,100

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c56af93517522834ec0ff79c58f0b330c61e9606d89f4801ff00b836fd2244ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 17:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 17:04:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 17:04:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 127ms
25ms Stylesheet
text/css 2607:f8b0:4004:c09::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400italic,700

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c09::5f Ashburn, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54cc16e3d4bbf098040139a27883b54e3297f0c7931e5d0064bbdf2701dd1317

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Dec 2023 17:04:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Dec 2023 17:04:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Dec 2023 17:04:47 GMT

GET
H2 200 ytn8dbr.js Show response
use.typekit.net/ 19 KB
7 KB 150ms
34ms Script
text/javascript 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ytn8dbr.js

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

89eea08902a502c4ee4eb0ced07988e768e55964b1184b5c4de2354546c2d50d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 28 Dec 2023 17:04:47 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6850

GET
H2 200 modernizr-2.7.1.js Show response
daks2k3a4ib2z.cloudfront.net/0globals/ 5 KB
3 KB 134ms
18ms Script
application/javascript 13.32.207.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://daks2k3a4ib2z.cloudfront.net/0globals/modernizr-2.7.1.js
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.207.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-207-125.iad66.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 02:03:19 GMT
content-encoding: gzip
via: 1.1 6ff4697c5089876d94430beacc9a4d5e.cloudfront.net (CloudFront)
x-amz-version-id: null
last-modified: Wed, 11 Jun 2014 19:22:53 GMT
server: AmazonS3
age: 1782089
x-amz-cf-pop: IAD66-C1
etag: W/"a89f4997162bf61e019b926e08682bdf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-id: b20Zwze8I_-5SRrnGLOTMkqSCYUzi4XGkoM-NjWDjBpC5dFegNHrDA==

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 113ms
37ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
content-encoding: gzip
via: 1.1 varnish
age: 4344833
x-cache: HIT
content-length: 33202
x-served-by: cache-lga21946-LGA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1703783088.891290,VS0,VE0
etag: W/"28feccc0-1762a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 111986

GET
H2 200 /
autoimmunewellness.com/ 1 KB
884 B 271ms
103ms Stylesheet
text/css 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/?mcsf_action=main_css&ver=d3e205c23e1e6ce924a6e315b0989307

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

4a1f1fbd7cae138f690aec083e31e485cfeaab806591228c6dd6ebe71ae982e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: DYNAMIC
x-cacheable: CacheAlways: hours
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: WP Engine
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
x-cache: HIT: 19
content-type: text/css;charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2fsFkXCWw7VsPQ5HwjUrCNtx9gtKaqChIFtg2kI8PDudU%2F2ukYrw89JSitPoIXJxJEKCZJLtrDjIYOCalzA3LDE8MkLdnGKNivluSa0sF9pjc7IHyxX3RH%2BS%2BzF24lizEi0NHgLoHR47rzsMy7Sy3Yt%2FkPwq"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=3600, must-revalidate
cf-ray: 83cb626be9ea17bd-EWR
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.min.js Show response
autoimmunewellness.com/wp-includes/js/jquery/ 85 KB
31 KB 209ms
41ms Script
application/javascript 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2525799
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 26 May 2023 11:33:35 GMT
server: cloudflare
etag: W/"6470990f-155ba"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2FVrrel6fKIAWO12xVG0PqgFaN%2F9ih8NFXDkULg2xdk5skZqiKrHU43SqKRXBvBI0iLJhaMKN6JygUpce%2Fm183keCWrmMdLnvoDTiaRlg2DVD4UGxVFrUI2IX3vMKN%2FAR%2BEZJmUV0c3nxCnKHRPQBQ%2B1ZbjZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626be9ed17bd-EWR

GET
H2 200 sharethis.js Show response
platform-api.sharethis.com/js/ 205 KB
46 KB 148ms
33ms Script
text/javascript 13.225.195.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.195.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-195-6.yul62.r.cloudfront.net

Software

Resource Hash

e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:02:37 GMT
content-encoding: gzip
via: 1.1 e404a2eabfdbde8f3eb87125622c56ca.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: YUL62-C1
age: 130
etag: W/"332a8-To97sGKRp5b4v/9hI/vRCFXWuNg"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: d5iVahgPqGf2n81cCZKgQL4DBzMnRwrGW7oILzhlZ4xoRBbhqbw9FA==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 261 KB
88 KB 84ms
51ms Script
application/javascript 2607:f8b0:4004:c07::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HND72M21ZB

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7886f0fabb454d5d05279431058babc8e94e262c92fef1950f4077da7aa7547c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89780
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 28 Dec 2023 17:04:48 GMT

GET
H2 200 jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/ 2 KB
1 KB 115ms
39ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=d3e205c23e1e6ce924a6e315b0989307

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5051156
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 747
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-9e4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O%2BFj1xT%2Brx7nJOm8K%2F7NTJYCTbBaMifECxmRYMnIiOohutedEaD%2FvoMm6n%2BX3aSWxDKTZ6LORp%2BCSn0yVpuBP8xCeBOH4LZqxLtgGgouo92BSZpZNXlPwKKY8NW%2BO%2F0GoAPusuv9syGeYLMak3iby7r2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83cb626b5f85430a-EWR
expires: Tue, 17 Dec 2024 17:04:47 GMT

GET
H2 200 Final-Logo_Update_BLK.png
autoimmunewellness.com/wp-content/uploads/2016/12/ 33 KB
33 KB 209ms
42ms Image
image/png 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2016/12/Final-Logo_Update_BLK.png

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d6de6e74db1db45d1110878298ced42790e9e8fb43d40a7748f12f7ae91b802

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:47 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2604562
alt-svc: h3=":443"; ma=86400
content-length: 33772
last-modified: Fri, 12 Aug 2022 15:48:41 GMT
server: cloudflare
etag: "62f67659-83ec"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6G1bUodK%2BWDFLaQ7Dwm%2FVbxuD8fe1LDNJLtDBQt5F9UKzsOR2dT8cwnADIwDymDmiQsEt2f3SFqGlh%2BTlqt68EZxxKHMHpnsFGNOrhLcZqTECPkiuxaUbS%2BdVor4KywNDpymjfNtGlLHqwyvtIk%2B0yp1%2BZF"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626be9f017bd-EWR

GET
H2 200 5.-Deep-Healing-Dal-524x350.jpg
autoimmunewellness.com/wp-content/uploads/2022/12/ 14 KB
15 KB 422ms
255ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/12/5.-Deep-Healing-Dal-524x350.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

622edc39d6a1187c6243c73070fd0252afba3af18990c4952a9752816824c392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 14364
last-modified: Wed, 24 May 2023 17:51:55 GMT
server: cloudflare
etag: "646e4ebb-381c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=isxdoL6y23fKez7EpOfamRX1Vx97UfFt3u14y0%2BHsvYRK0kaghfOubrav%2B9lIaD5PPqEVjdDmJajfMxjINs7rIomuGYh6grRMLWTIvGK4rhSfGnciqJKc8SF6ESXzIHxFmmipV0cQss6owibPcwz21a%2FuZVz"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626be9eb17bd-EWR

GET
H2 200 MAwalking-583x350.jpg
autoimmunewellness.com/wp-content/uploads/2022/11/ 35 KB
35 KB 204ms
202ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/11/MAwalking-583x350.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b69279bdd3c7f603016d20b0b18d9a98bfd61de1b96968bf20e0ad7e6149a257

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 35583
last-modified: Wed, 24 May 2023 17:51:58 GMT
server: cloudflare
etag: "646e4ebe-8aff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKHDv0Zj%2B0ufb79PdR0k8ZQIVlYz3%2FcVR3AHjJSbc0HOf6oTjXyyM4QwRtC%2FDfc8EGkaPXwOEFRwRWv0XQ4qZM%2BuyzRcoDrhtAgWNb3HZHo8EfKFUji5DYhICciOFshYtl8mgUB3L7EgedFA2wpl68A6UiB3"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626c2a1617bd-EWR

GET
H2 200 OneSheetChickenThighs_landscape-525x350.jpg
autoimmunewellness.com/wp-content/uploads/2022/11/ 32 KB
32 KB 230ms
230ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/11/OneSheetChickenThighs_landscape-525x350.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

670436067c74b747e4277b04931e435c29946f5f61d8418c7e8dcf6743f360c0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 32402
last-modified: Wed, 24 May 2023 17:51:56 GMT
server: cloudflare
etag: "646e4ebc-7e92"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRRZMAWgXWwU13AkR4LfseOp19NQwuKH0yFMqRWPl5lAs1HF6xX9kqLAWcJlQfsuEHG8mYfFl5%2FxaW1v4OGS%2B7BhxbpcNMjgslyg3vOEc8gJVhdBbaUj452zA%2BYuzUqOK2ir4ImR3rVgqShu%2FWAwx6QfrN2F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626c4a2e17bd-EWR

GET
H3 200 siebar.jpg
autoimmunewellness.com/wp-content/uploads/2017/12/ 54 KB
55 KB 27ms
27ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/12/siebar.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

857e95f5d003bd04be798e18b5a83268cbffb657badfd6701627a516a9540ecb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2508833
alt-svc: h3=":443"; ma=86400
content-length: 55749
last-modified: Fri, 12 Aug 2022 15:48:39 GMT
server: cloudflare
etag: "62f67657-d9c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IAyDxsA5%2BngkpwPeHG%2BkwjK%2FbHlEJPyiSbCo0k7OGmycmDTBFlaNMFCqRSnKdjfaIQ8c0U4q2iyT7glSsnsvMfgOySOG1s9GTb954rW3yweeqP36IiNb9z7%2FowPoqIN7XQgMcvJDHG4%2BcGt8Z3Ew%2Fw%2FI2acO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626d8ba38c30-EWR

GET
H3 200 Cover-OnlineVersion_NEW.jpg
autoimmunewellness.com/wp-content/uploads/2015/09/ 208 KB
208 KB 35ms
33ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2015/09/Cover-OnlineVersion_NEW.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661a4243cf5ff51e76b35e0e50bf5581fca425ba99c946aae662e30fc760c0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2508833
alt-svc: h3=":443"; ma=86400
content-length: 212750
last-modified: Fri, 12 Aug 2022 15:48:45 GMT
server: cloudflare
etag: "62f6765d-33f0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvswdrFGvCgbYE9BHJO4VPD0S86s7802QU5CngwQPF6ulxksspboZ4Bay2TTNFyTNuvYI%2F%2BNhQsM1K3TwfbQoxtLiTtrQ3JH4I366WIkoGObU6X45X7HcXqJru8dx507uXi%2FICoU4ysIFA4fcKUoV0q6w6qN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e2c548c30-EWR

GET
H3 200 alternative-autoimmune-cookbook.jpg
autoimmunewellness.com/wp-content/uploads/2017/03/ 25 KB
25 KB 208ms
205ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/03/alternative-autoimmune-cookbook.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02022090a128f827a73275b9769fa1fa0e099daee90bd62d2fa8f430f25bcd26

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2590201
alt-svc: h3=":443"; ma=86400
content-length: 25403
last-modified: Fri, 12 Aug 2022 15:48:41 GMT
server: cloudflare
etag: "62f67659-633b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJoHeJv4KBBY8xguNL7ngaHTYcpdbsJQhURUFhy%2Bp69S0KSOCIM57Wel6FatDSaBFh7BcfEKaXEzXjZMO5IP5s%2BBtBv2HyXetKilLsAYT8cLwOhtKVni4y1hZwzWLzdvvAcunDgLGDHU3gYZEJ%2BydXTLEz9F"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c598c30-EWR

GET
H3 200 NDK_Cover.jpg
autoimmunewellness.com/wp-content/uploads/2018/11/ 832 KB
832 KB 251ms
248ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/11/NDK_Cover.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ebbdf8eb5c3a5d4fc0ae6905d3412fb12025834bb526eb121d68407fae7536b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 191257
alt-svc: h3=":443"; ma=86400
content-length: 851636
last-modified: Fri, 12 Aug 2022 15:48:36 GMT
server: cloudflare
etag: "62f67654-cfeb4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c%2BYtn0KnabMglJHJaK3v%2F5S0Mz5UUmYy6INNVcmG7wdYZgssnitU4SFbmrATMJG7%2FdQCU3%2B9KCuyRn0KycghzGBRRqaxLbCK3z0ana0q%2BTdxtlLGoBynURMTjaegwKQpyosX%2BWS6ALZxAMpr7CofD3xW%2Fxmp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c5d8c30-EWR

GET
H3 200 AWH-Cover1.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 770 KB
771 KB 342ms
339ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/06/AWH-Cover1.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4497d0c3c70278eb9e9a2bafd2dcbb30d0da5a89ed74099456202b2ee39e994c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2590201
alt-svc: h3=":443"; ma=86400
content-length: 788295
last-modified: Fri, 12 Aug 2022 15:48:37 GMT
server: cloudflare
etag: "62f67655-c0747"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ew6TFic3jtENR2Qf%2BdSYGYXYf2oeth6nAcoo7hs15XvmL5ZXUQV8UTBcGgQ3rqlA%2FhpaZxpFG%2B3IhKymV%2BuypQhlRiqOKVSb2CO%2BDMRRmECdouBFLMOCUn18dsWQxdsPf%2BcnIlxpEfmKIiEjLOR4MGMLmiVg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c5e8c30-EWR

GET
H3 200 Copy-of-FreezerCover_300.jpg
autoimmunewellness.com/wp-content/uploads/2017/10/ 7 MB
7 MB 431ms
429ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/10/Copy-of-FreezerCover_300.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4ce77b79f50cd1ca072086ea2dffbb1077de4922232bc7ad1f72ae12b8cb67

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2436094
alt-svc: h3=":443"; ma=86400
content-length: 7513304
last-modified: Fri, 12 Aug 2022 15:48:39 GMT
server: cloudflare
etag: "62f67657-72a4d8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eAkzbG8WWm%2BU2FimqFIcjqEIpgq3cyBMu15SRkXsplH1sHHqwnqZ3N8JnaQYc11wBk2HyNhNBPqzR7vUfDCQVReVjtIBASk1TVhxIZCED%2BI8BLakwNLufv8Qhpp5SE1HHONGKTVxIV76PBJa8%2FWswZcxvTTp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c608c30-EWR

GET
H3 200 what-is-aip-sqaure.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 251 KB
251 KB 1064ms
1061ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/06/what-is-aip-sqaure.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15fe0ea1dfa766a7e26466acf5f0017f889b13b7e0f3f8cb9cc90e2e5c3c482f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2508833
alt-svc: h3=":443"; ma=86400
content-length: 256618
last-modified: Fri, 12 Aug 2022 15:48:38 GMT
server: cloudflare
etag: "62f67656-3ea6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8RR0soYnRRt5JevZ%2BSy8Ap6R2GHBtKMyTPPeB15G7Pycw0aLTOo8K%2Bnk4TYog6BajQ5RFpxQs%2F2AmKwD%2BeayTPPx%2B0Y6bTwD1ptzpBS2mabZ9SP2E5Gfpf3AHg%2FAnh03v3ZM828WGXhfA1uqdETT9N9iC560"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c628c30-EWR

GET
H3 200 AWPCover.jpg
autoimmunewellness.com/wp-content/uploads/2016/10/ 151 KB
151 KB 1073ms
1071ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2016/10/AWPCover.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2171cb99fa0b38c1c427abe85c66025906ed6a0602b4ced85d10802f415714c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2506965
alt-svc: h3=":443"; ma=86400
content-length: 154169
last-modified: Fri, 12 Aug 2022 15:48:42 GMT
server: cloudflare
etag: "62f6765a-25a39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Le%2FSdhnWe2QO4WTeWojaBg6sQd9Vn416JqHIR5vvwU4mtxm82x%2FEy2zst9RiID6RPEw2Kgr8B6R3VoyXMOX4xulpCoH0ej9LV%2F3KogMOb5uuhB4l6JzYIU4rb0VDV4vs8jWvTC3U6ma7PSNi3vvEnjpZbma"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c658c30-EWR

GET
H3 200 medical-studies-sidebar.jpg
autoimmunewellness.com/wp-content/uploads/2019/08/ 287 KB
288 KB 1097ms
1095ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2019/08/medical-studies-sidebar.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f66213216d83c3325b395ec7fb537d56e02afffa733b14f28f431ab04f7f681

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2590201
alt-svc: h3=":443"; ma=86400
content-length: 293897
last-modified: Fri, 12 Aug 2022 15:48:35 GMT
server: cloudflare
etag: "62f67653-47c09"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iKg%2F4OIcqDTkJB99pWWulwR5Ogvcy6WiSRaFWh1%2F3PyoRq%2Fr7Rd24rwFvdHvUvsljRY2EZ6ZwALOxTLcJ0%2FRMban2oTpUJ%2FQZR28nMEpqMco5wEePkXSh2ybOnZBnMwT%2BdobnJx3F2lbUwV1zJE30gRF5t8"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c668c30-EWR

GET
H3 200 ip-cookbook-cover.jpg
autoimmunewellness.com/wp-content/uploads/2017/01/ 445 KB
446 KB 1077ms
1075ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/01/ip-cookbook-cover.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4fcc74ecab8ed24dd9de68c0adc45b08c0b6f5105f8e2bf35b1dcbcb93b9ae2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2352549
alt-svc: h3=":443"; ma=86400
content-length: 456136
last-modified: Fri, 12 Aug 2022 15:48:42 GMT
server: cloudflare
etag: "62f6765a-6f5c8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kshtAlnf%2BsbB1bd%2FaKNCJ6hX4f%2B5tiTNKraofMY%2Ba%2BjyjAom5utqz1UZGrvTgkWswWEpwp4QTElMv4X7TRrocqZgIxU7GOC8SVHXYDqkGajQfn5oinw8sk1UfJFIiZ6jw35MG3H2p78qaq7R6RUrbG4MV5xi"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c6a8c30-EWR

GET
H3 200 ingredients_preview-1.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 395 KB
395 KB 1103ms
1100ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/06/ingredients_preview-1.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dee9eb50d5d1614e2d524152d8557029d4587881bdd706512732713ce4caa7cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1207046
alt-svc: h3=":443"; ma=86400
content-length: 404373
last-modified: Fri, 12 Aug 2022 15:48:37 GMT
server: cloudflare
etag: "62f67655-62b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tADFAlFrYwNGUqZgAF2zaVsYwKzCwSlY1eKjGvQifGZc41l0wyk%2FnFb7qBUso3JX1kxwyXXJDErqQlgugxMmku8SpUB0uU3gBXOI64purWbLr229LaPR%2F1jiJEDGy2wOC%2Bfgw34tx9ROjQsMB8afjH9NXFKD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c6b8c30-EWR

GET
H3 200 resources-sidebar.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 35 KB
36 KB 1117ms
1115ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/06/resources-sidebar.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be46e53117144f19f998cc38886635ece607ee47f32880b6f91a50d2e9c68124

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3314673
alt-svc: h3=":443"; ma=86400
content-length: 36305
last-modified: Fri, 12 Aug 2022 15:48:37 GMT
server: cloudflare
etag: "62f67655-8dd1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV%2BOZEDgo%2BQXpnpBQ8pb1bHz%2Bj2GYbjsCIb9s4px4CQvGfJlop7v%2BHnEYR%2Fpi%2BBP4gH%2Bu4lDEl2Dh%2B2mjSaKvArLUektzJR%2BEAPwC957%2ByuQKvqvg4NIj3pGgrTFLrYO1Jw8y8vLJMxtVztvy2qXd%2FgBavTN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c6d8c30-EWR

GET
H3 200 close-icon.png
autoimmunewellness.com/wp-content/plugins/itro-popup/images/ 7 KB
8 KB 1120ms
1118ms Image
image/png 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/plugins/itro-popup/images/close-icon.png

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bd3866d67c6470ff420960ca0a2a44ce66ec8c88271b7cf99600529376b56c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2506964
alt-svc: h3=":443"; ma=86400
content-length: 7553
last-modified: Thu, 15 Jun 2023 12:10:53 GMT
server: cloudflare
etag: "648affcd-1d81"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HttQ46%2FhMBeSKNWeSKbjNynEnoKwEXYN4fD8liOWpoaI3PldBAoGE1dIAQzYH71jAb5xj2Nm40eeqJqR%2BoNSve0XEeWg6HmNmWfEHakvnNC8U1TqtZ7ABj4YK5mf9152NcU9NYS5D1Gb5AJqygYDXlODWKNK"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e3c6f8c30-EWR

GET
H3

200

bundlepopup.jpg
autoimmunewellness.com/wp-content/uploads/2015/11/
Redirect Chain

https://autoimmune-paleo.com/wp-content/uploads/2015/11/bundlepopup.jpg
https://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg

149 KB
150 KB

906ms
905ms

Image
image/jpeg

2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d850cadc389cddf7db20085f5612d9b09bf590126117283f284ecaa5f2dc8543

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2526482
alt-svc: h3=":443"; ma=86400
content-length: 152888
last-modified: Fri, 12 Aug 2022 15:48:44 GMT
server: cloudflare
etag: "62f6765c-25538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F00OZbimyDgoCzowryrla4qM%2FueCYfeI4cT9Wq9dYCGS5LCfrfaLdskuByH90YLIlLP2skdAoAK0O4P7lu2%2BIoXVn9m8xMt%2BjHZ%2F77XhPQDHPfIFD6UWe9CuUcQAtIs8jWiDAdlQx3GWCWqmyX%2B6TZdnap1a"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626feecb8c30-EWR

Redirect headers

date: Thu, 28 Dec 2023 17:04:48 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqckU3256XNur7Jx%2BQExBvlJnqpavusFDVYySOKzYUZb3DRIUs7rZektBRkn5MSXfFAfmhd3wvEPwoZZ7qGoyQNwQDUzyj2FemIRnSnTthcqRasjjY0pOm21HDaPUoG3Fn64b75LJg1O2EriZlgC46caww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg
cache-control: max-age=14400
cf-ray: 83cb626f0bb38ce6-EWR
alt-svc: h3=":443"; ma=86400

GET
H3

200

Final-Logo_Update_BLK_short.png
autoimmunewellness.com/wp-content/uploads/2017/01/
Redirect Chain

https://aiwellness.wpengine.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png
https://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png

19 KB
20 KB

715ms
715ms

Image
image/png

2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99cbf8461e06bcc64daaaba6ff5a06ac695e03b10687151091966afaccff6dd7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3911173
alt-svc: h3=":443"; ma=86400
content-length: 19869
last-modified: Fri, 12 Aug 2022 15:48:41 GMT
server: cloudflare
etag: "62f67659-4d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oqi02OaS%2Bpqe0ykdmLqZJRWD5TDPRkVguo1wAec71HTP2S0IWCONTVVXkowgZWwz7H8k7LtaZBaYIl8kNh9cVQpkDw07UGl7OY47C6%2BU5fXEMp3LOcyfKQvnYi52Tr9NOH9lWRpxJeWQjRwiII6%2Bc55coEHu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb627128298c30-EWR

Redirect headers

location: http://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png
date: Thu, 28 Dec 2023 17:04:48 GMT
server: nginx
content-length: 162
content-type: text/html

GET
H3 200 autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 4 KB
2 KB 27ms
26ms Stylesheet
text/css 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=d3e205c23e1e6ce924a6e315b0989307

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7417c5da0a35da8defb2434923e89cf1fa5f64f23c7d6c19818e77881d428c94

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3290722
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 19:33:06 GMT
server: cloudflare
etag: W/"64aefff2-fb9"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bj%2FGGxJZCgHOgN6Z62HomC9GEwFCt5cu7YcivKDgS%2BvW0I3ER9F0avCbwJbiBL7tYCmgLNV%2Bydrw1HIor1mDh4jQ0OHVurqZ0r5VN5EyK%2FA8gc71x0%2FntV5KrX1SShrNyVGyees5GEKOLKlruv%2FPh%2BzRDNes"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626dbbd88c30-EWR

GET
H3 200 autoptimize_single_9a3b0be888e016410a2a184d6347e32f.js Show response
autoimmunewellness.com/wp-content/cache/autoptimize/js/ 18 KB
6 KB 1121ms
1119ms Script
application/javascript 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-content/cache/autoptimize/js/autoptimize_single_9a3b0be888e016410a2a184d6347e32f.js?ver=d3e205c23e1e6ce924a6e315b0989307

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be0fc9cf8261849673d9e1f1aeed3a5f116ae77b013826463ea7ac1b0a5de14

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3846817
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 12 Jul 2023 19:33:06 GMT
server: cloudflare
etag: W/"64aefff2-484f"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDL5lOfqeoA%2B1r1mbGedZinIqg9dbtF3irVoBG7TSjZaU1byPLHVm%2F8DXVHNC36LgjqkwSqkUDYbrq3o1vmERHFw%2F%2FCjfolcbwovdSUQN0FUj8nrN09C7nC1W%2FMKlsuHwfFd7%2B35FfOQdcY8hnKXe7ubgTC1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626e3c708c30-EWR

GET
H3 200 autoptimize_846edb8f5956e1ab9c55398fec3df103.js Show response
autoimmunewellness.com/wp-content/cache/autoptimize/js/ 318 KB
88 KB 1122ms
1120ms Script
application/javascript 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-content/cache/autoptimize/js/autoptimize_846edb8f5956e1ab9c55398fec3df103.js

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5738ce1247069f178bffbd1c3a4c0b29fbc7f51b6afb0ab20bae8db0915ef34b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2481803
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 Nov 2023 07:36:29 GMT
server: cloudflare
etag: W/"6555c67d-4f812"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0bAlZLKkdKe1hrmr5dhubuS2vmlBfWW0HP2qAmjEESYdpxEviyjAoj%2BqoqSbLjyDF%2B8DyfPnGuKG7clSGP0kJBirDT%2F96w7gJbXpG%2F2oLfYIo%2FqKg6g%2F%2FPvB4KFOUBgCus5gsmZMwxL%2Bm3Pc%2B7PnWL0SWTo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb626e3c738c30-EWR

GET
H2 200 58a5f69a8cfe7d0011262a6d.js Show response
buttons-config.sharethis.com/js/ 30 B
445 B 260ms
131ms Script
text/javascript 2600:9000:250b:3000:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/58a5f69a8cfe7d0011262a6d.js

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:250b:3000:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
via: 1.1 f7712655aa6587fbf06c55b40ebb2680.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Thu, 16 Feb 2017 18:59:39 GMT
server: AmazonS3
x-amz-cf-pop: IAD12-P4
etag: "e6e1643313740711175f51662a65b42f"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: mpStpoXir88wIAopdpV4X0W_-YQ2zBS_jXATO114q1ibnK5XJ7qQFg==

GET
H/1.1 200
OK universal.mjs Show response
assets.flodesk.com/ 158 KB
61 KB 266ms
134ms Script
application/javascript 2600:9000:20e2:be00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/universal.mjs?v=851891520
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:be00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 292bf8d61b62a6955a1caaea01836ea4c2df9a84c34e0fc9a0691bddd23b537f

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 17:04:49 GMT
Content-Encoding: gzip
Via: 1.1 cd3b189d4dff15bd0a2ccf14f97ffda2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C2
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
Connection: keep-alive
Last-Modified: Thu, 28 Dec 2023 03:38:28 GMT
Server: AmazonS3
ETag: W/"ce7e5a989bc6476819a5ddd31faafa54"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, PUT, HEAD, POST, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: max-age=31536000
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
X-Amz-Cf-Id: hPn0331ip4l9eWMPtKtdwMyc_UdHQAa7Acq8SR5bcDquczt8m7tnvA==

GET
BLOB 200
OK c95bc2f2-3fb9-4d49-a2be-084945e453db
https://p.a2lmo8v1r.xyz/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://p.a2lmo8v1r.xyz/c95bc2f2-3fb9-4d49-a2be-084945e453db
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
435 B 296ms
37ms XHR
text/plain 18.116.146.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/pview?event=pview&hostname=p.a2lmo8v1r.xyz&location=%2F&product=ga&url=https%3A%2F%2Fp.a2lmo8v1r.xyz%2F&source=googleanalytics-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Blog%20-%20Autoimmune%20Wellness&cms=unknown&publisher=58a5f69a8cfe7d0011262a6d&sop=true&version=st_sop.js&lang=en&description=Stay%20up%20to%20date%20with%20all%20of%20the%20latest%20AIP%20compliant%20recipes%2C%20articles%2C%20and%20other%20resources%20on%20living%20well%20with%20autoimmune%20disease.&ua=&ua_mobile=false&ua_full_version_list=&uuid=535acb25-e27c-478a-915e-17aa467ce707

Requested by

Host: platform-api.sharethis.com
URL: https://platform-api.sharethis.com/js/sharethis.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.116.146.56 Columbus, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-116-146-56.us-east-2.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 17:04:48 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: https://p.a2lmo8v1r.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Access-Control-Allow-Headers: *

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 228ms
107ms Script
text/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 28 Dec 2023 15:15:03 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6585
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 28 Dec 2023 17:15:03 GMT

GET
H3 200 TheBlog2.jpg
autoimmunewellness.com/wp-content/uploads/2017/03/ 1 MB
1 MB 1114ms
1113ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2017/03/TheBlog2.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56743fb13c30a99e8674206ba266611a9ca40cd3b527b7ab459ed97d25fe4845

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163795
alt-svc: h3=":443"; ma=86400
content-length: 1101897
last-modified: Fri, 12 Aug 2022 15:48:41 GMT
server: cloudflare
etag: "62f67659-10d049"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DZGubTGA1302zPZew28y1dRBqhQ2PxNGyRhKH%2BFKwlPRwabaPsPfuyV6i7ljDV4MOQzxFCNRAPDaZWAHJpL9Od08nn%2FWCEHhiC%2BbPMwBCGj02MQxPKceJcqvabxEgJHDKDNs7%2FsfLzxaetZwzvZjeugaZWuK"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626e4c988c30-EWR

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 28 KB
28 KB 258ms
143ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,400italic,600,600italic,700,700italic,100italic,100

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Tue, 26 Dec 2023 05:08:44 GMT
x-content-type-options: nosniff
age: 215764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 25 Dec 2024 05:08:44 GMT

GET
H3 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
64 KB 246ms
138ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
cdn-edgestorageid: 845
cdn-cachedat: 10/31/2023 18:51:25
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64464
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "4b5a84aaf1c9485e060c503a0ff8cadb"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 8fe66a65cd643ab873c4b74fec6f2056
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 83cb626efa11726e-EWR
cdn-requestpullsuccess: True

GET
H2 200 MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2
fonts.gstatic.com/s/oldstandardtt/v20/ 23 KB
24 KB 221ms
107ms Font
font/woff2 2607:f8b0:4004:c1b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oldstandardtt/v20/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Old+Standard+TT:400,400italic,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::5e Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df8f44081c6ce8517dc973654bee1300b7c12642adbd646ecc83e2132692d365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 23 Dec 2023 22:25:28 GMT
x-content-type-options: nosniff
age: 412760
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23676
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 18:01:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 22 Dec 2024 22:25:28 GMT

GET
H3 200 AIPBIPOC-525x350.png
autoimmunewellness.com/wp-content/uploads/2022/11/ 55 KB
56 KB 1136ms
1134ms Image
image/png 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/11/AIPBIPOC-525x350.png

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcfca8990efd74127c2691d9c5d44d448edcc2d4372bfb469326dd947f4648f6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 163786
alt-svc: h3=":443"; ma=86400
content-length: 56403
last-modified: Wed, 24 May 2023 17:52:02 GMT
server: cloudflare
etag: "646e4ec2-dc53"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PCSp2mP9WCKSy7jjfSbvMpACAGzE%2BbmADV8BgQ3sdvVUL1NtRBDBsxx0dKMBMdf36p%2FPTV6YpJTodEIjDwKS4RGGbUKfV4umyMOVExASCjNx3LCDtNYS4DTv0B5VpEqZgDj5CquV63S%2FeV91QDyguG92kh%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626eddaa8c30-EWR

GET
H3 200 FlankSteakChimichurri.Landscape-525x350.jpg
autoimmunewellness.com/wp-content/uploads/2022/11/ 21 KB
22 KB 1139ms
1137ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/11/FlankSteakChimichurri.Landscape-525x350.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7cc3c51ff449e73e52a1fcda9a3b9e5a980d02ec85a8ee8cf81f63cfa29766e9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 21676
last-modified: Wed, 24 May 2023 17:52:03 GMT
server: cloudflare
etag: "646e4ec3-54ac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5HgghIiFkf3%2BDrGf7lrlakZXkls%2BWrKNDzcHTfMk2tCKYp2isjGkgLM8StQ0UnqrH5UIbu%2FdRaJAx7PhUc6BsHDp81guY7K3uOGBbRx0KlylnRTvPVKmBaQRa%2F88uNu6u1GGUpvATo9omBdxW47c28X7k2mR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626f5e418c30-EWR

GET
H3 200 Bbq-Chicken_landscape-529x350.jpg
autoimmunewellness.com/wp-content/uploads/2022/11/ 25 KB
25 KB 1140ms
1139ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2022/11/Bbq-Chicken_landscape-529x350.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47bd0459b956c9ab9e6940b8a38a318b83a56d8dc13962357b2fc5b6138df09f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25517
last-modified: Wed, 24 May 2023 17:52:05 GMT
server: cloudflare
etag: "646e4ec5-63ad"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FE%2FRXkw1NGFDd7zH9z8DKyi5JsYmw9LU6W%2B%2F9DHOfn4daYkQ6Cqqlo6BKsQB%2B8L7WbWMo3T1XZTKcm4H%2BCcrsNESMmODH1z%2B17OjiImzseQBuoW2Wv%2BlIwbxLyF0HWW2zlPqrSy%2FYLlWpK9EKtshf%2FwjUuie"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626f5e428c30-EWR

GET
H3 200 RP-sidebar-2020-1.jpg
autoimmunewellness.com/wp-content/uploads/2020/02/ 56 KB
56 KB 1140ms
1139ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2020/02/RP-sidebar-2020-1.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db58fbdd3b4cd12d729fd5d21a19ddc484943744299fc98c7103c0e4d1e5ae76

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2484554
alt-svc: h3=":443"; ma=86400
content-length: 57292
last-modified: Fri, 12 Aug 2022 15:48:34 GMT
server: cloudflare
etag: "62f67652-dfcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg2oAuzzeaoKp%2FsDaDbzlrqLt2FXPmbq%2FV0Uod8kO6CcdQgRWbG4Tcn%2FDclDndn2Ycy5zdVnpW9SST9w31FT9EWcvrgUtbLIrHXjq%2BuRkhL3txoQvLBTCKE72IH00gLb7%2FPpU8uvvBSj3yr7SJOAoEozQuaZ"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626f5e438c30-EWR

GET
H3 200 AIPBCSidebar.jpg
autoimmunewellness.com/wp-content/uploads/2023/09/ 91 KB
91 KB 1142ms
1141ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2023/09/AIPBCSidebar.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

990f173e7ce9870ca0b082937cb9e6945ad0c318fa8c73ec6d0df05379fef6e0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1194833
alt-svc: h3=":443"; ma=86400
content-length: 93012
last-modified: Thu, 28 Sep 2023 17:11:07 GMT
server: cloudflare
etag: "6515b3ab-16b54"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A3r3gJ8NHnABNGJ4JtzmhRyGhWpCj5YOI%2BalLiSejrx9K5wCXWOv2sPbfBMeGppq%2B6ThcIgxGY%2Fj2UUXRWstZMqb%2B4EcoRAN685bVl%2FYbXdA5%2BSmqbYywYGNfW1z9%2BeSjOA%2BMtwPnAiLlX%2B78gmufLJKflpg"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb626f5e448c30-EWR

POST
H2 204 collect
www.google-analytics.com/g/ 0
245 B 174ms
57ms Ping
text/plain 2607:f8b0:4004:c08::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-HND72M21ZB&gtm=45je3bt0v896829656&_p=1703783088340&gcd=11l1l1l1l1&dma=0&gdid=dZTNiMT&cid=1658188591.1703783089&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1703783088&sct=1&seg=0&dl=https%3A%2F%2Fp.a2lmo8v1r.xyz%2F&dt=Blog%20-%20Autoimmune%20Wellness&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1245
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HND72M21ZB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c08::8a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 28 Dec 2023 17:04:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://p.a2lmo8v1r.xyz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1798534973&utmhn=p.a2lmo8v1r.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=1658188591.1703783089&jid=702492836&_v=5.7.2&z=1798534973

35 B
337 B

214ms
84ms

Image
image/gif

2607:f8b0:4004:c1d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=1658188591.1703783089&jid=702492836&_v=5.7.2&z=1798534973

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Server

2607:f8b0:4004:c1d::9a Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 28 Dec 2023 17:04:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 28 Dec 2023 17:04:48 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=1658188591.1703783089&jid=702492836&_v=5.7.2&z=1798534973
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 64a9e30417cf480e0b5fa9d8 Show response
form.flodesk.com/forms/ 27 KB
4 KB 825ms
621ms XHR
text/html 2600:9000:20aa:c000:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/64a9e30417cf480e0b5fa9d8
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=851891520
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:c000:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b66cd35e6475f8c6a348033b51487292fda25da91c72045cdd93b7fcbca7f9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:48 GMT
content-encoding: gzip
via: 1.1 4f9e9e3e8a2a5cea2848aac8473267f2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-amz-cf-id: twbOVJLTqtG7o61ZYkTutlLPgLDT0o-F2rbbbSEvDsLN1C11DoVNsw==

GET
H/1.1 200
OK 312.fda53f2d79d475552a32.mjs Show response
assets.flodesk.com/ 32 KB
12 KB 361ms
82ms Script
application/javascript 2600:9000:20e2:be00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/312.fda53f2d79d475552a32.mjs
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=851891520
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:be00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4da345d0a59b80f29122537bc5e007b74f532f3dede23fc82bbab48faf06c6c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 03:38:32 GMT
Content-Encoding: gzip
Via: 1.1 119a6678daa8460130f2575d73df9ee6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C2
Age: 48377
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 28 Dec 2023 03:37:59 GMT
Server: AmazonS3
ETag: W/"047e1461341e5b99eb9e5b1647b3df0e"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: dmE-ORLZ2cbYMC7L3q-OQrHk1gMpV_8mYT-nzDQfgsW_J4eeKe7w8w==

GET
H/1.1 200
OK 650.580e29ede6657aee2d7e.mjs Show response
assets.flodesk.com/ 13 KB
5 KB 316ms
37ms Script
application/javascript 2600:9000:20e2:be00:f:b2f5:a240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.flodesk.com/650.580e29ede6657aee2d7e.mjs
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/universal.mjs?v=851891520
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e2:be00:f:b2f5:a240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01406c7813ca723d8c2cfe2ea12b84ebb6a0f59f18157d0e6d8d78c6adbf3c48

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Thu, 28 Dec 2023 03:38:32 GMT
Content-Encoding: gzip
Via: 1.1 7d5b81244bd8116fcbcfa4c6fef02f92.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: IAD79-C2
Age: 48378
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 28 Dec 2023 03:38:00 GMT
Server: AmazonS3
ETag: W/"3a3ecf4cc033c7692c44a4f976a76520"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
X-Amz-Cf-Id: gVD-enPsI_m3fYldVej7fjhkSTZxIvG2H-Gcqf4cqz9z2czHntY1VA==

GET
H2 404 en.svg
p.a2lmo8v1r.xyz/wp-content/plugins/gtranslate/flags/svg/ 488 B
488 B 31ms
30ms Image
text/html 2606:4700:3031::6815:1c7e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.a2lmo8v1r.xyz/wp-content/plugins/gtranslate/flags/svg/en.svg
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::6815:1c7e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9453b17588f3b5b974aaec2950f3e887492cd2e57863d46241dd706186f4fd62

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MMYsvFVMuloM0%2FSbAdR%2BRBlRcXk5movJlo9gl6UEg%2Fhs9GTJtSDv2ehQ6O3TPyi2mUHXCZKwelRS1%2B6AkOTJmyNzZex%2BeMHUlvhRpQnFTG2kC153FqWpjdtkf8K5OaXeFK%2FdhtTLGrHzSTin5BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 83cb6275ef68182d-EWR
alt-svc: h3=":443"; ma=86400

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 l
use.typekit.net/af/4e8f1c/00000000000000000001771b/27/ 19 KB
19 KB 240ms
129ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4e8f1c/00000000000000000001771b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e8fd1a4ddc838148ddb16b4111f250aaebc12fa595445c04e621874f8e7201ee

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "1e4bb09579655e22898b075fa98e078d99f5b015"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19768

GET
H2 200 l
use.typekit.net/af/9f8f7d/00000000000000000001771c/27/ 20 KB
20 KB 239ms
128ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9f8f7d/00000000000000000001771c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 8d53c13bb6561a9cb1e9bd3fe8fd095d21587938f43aff7fea04c80c02836a40

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "c222ee85e7d33c2fd42d7bcf03f04baabc9ecf59"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20556

GET
H2 200 l
use.typekit.net/af/393a58/00000000000000000001771d/27/ 20 KB
20 KB 158ms
48ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/393a58/00000000000000000001771d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 709374afd4dff7f475003e15d5fc2f0a50d9afe20bd3e95ba063758229ffeafe

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "9ea39d472050dbac5b634ff8b08dd04449a587b8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20140

GET
H2 200 l
use.typekit.net/af/b5c416/00000000000000000001771e/27/ 20 KB
20 KB 160ms
51ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b5c416/00000000000000000001771e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c99a0c4536ccd93c1f19147a4e4abdca478c8c8f472946f627e659f8dd7a2d7c

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "da4f176bc2680f0ed1afb1367d1dc3b6951295bb"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20240

GET
H2 200 l
use.typekit.net/af/8d84f0/00000000000000000001771f/27/ 19 KB
19 KB 192ms
82ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8d84f0/00000000000000000001771f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a92eef548e30cee1b4f02d6910892da7c8ca271d9f8043a2e3f9e5237402b88e

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "558db8f2254ec94e60b708c0bf81f88bba2b7f65"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19752

GET
H2 200 l
use.typekit.net/af/a20d40/000000000000000000017720/27/ 20 KB
20 KB 237ms
128ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a20d40/000000000000000000017720/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 556c52e85ecfd0ada2ecc434384e36115a3048dad8c48db01ab35c0b0c0eda09

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "362cfa947117279d46a3bfcfedc7f56754ec1e42"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20316

GET
H2 200 l
use.typekit.net/af/84cfc3/000000000000000000017723/27/ 20 KB
20 KB 144ms
35ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/84cfc3/000000000000000000017723/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 92a9c134de3c4d96c607a48cb759b7852dee00692f29f588e2450ca966bef00a

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "9592b07d36e415c57af211aaad0f7c419e5bdc14"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20536

GET
H2 200 l
use.typekit.net/af/625a3c/000000000000000000017724/27/ 20 KB
20 KB 156ms
47ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/625a3c/000000000000000000017724/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97fb4708fa522aa19ef6be15dd7002225d4b179a3e5dfa479df01bdda8375a92

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "9399c09e1ad3bd361cecbd97b64a840cd74f11fc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20160

GET
H3 200 wp-emoji-release.min.js Show response
autoimmunewellness.com/wp-includes/js/ 18 KB
5 KB 55ms
55ms Script
application/javascript 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/wp-includes/js/wp-emoji-release.min.js?ver=d3e205c23e1e6ce924a6e315b0989307

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
content-security-policy: upgrade-insecure-requests
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 236914
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: cloudflare
etag: W/"63db0985-4904"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snluuPpZBkbH7%2BwQKGyEUgdDpHPPjvU3%2BmUyjkd%2FgcsRbtGiyztfGDAEtGF6EuaIIUuGPSuy88lcGVeNN0lqOkgqQzRMJ%2BpmjrrXFEmzZJP0YfFj5jGirKviAqMiqtynw4VW%2BMhkmgHewjom2hxqhWvhFMeA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 83cb6276debe8c30-EWR

GET
H3 200 ajax-loader.gif
autoimmunewellness.com/wp-content/plugins/slick-carousel/deps/slick/slick/ 4 KB
5 KB 102ms
101ms Image
image/gif 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/plugins/slick-carousel/deps/slick/slick/ajax-loader.gif

Requested by

Host: autoimmunewellness.com
URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=d3e205c23e1e6ce924a6e315b0989307

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=d3e205c23e1e6ce924a6e315b0989307
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2432865
alt-svc: h3=":443"; ma=86400
content-length: 4178
last-modified: Fri, 12 Aug 2022 15:48:56 GMT
server: cloudflare
etag: "62f67668-1052"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2cKB8uPvGAUlKRu8ePl3Mzm5Ek%2BzVLRDSd8sQATbu%2FhL6f7lC5mFlJKZw9Wr4lPIQg2NYEtkmEVuY9WYGorm3tAd2sYc8UGL5K9138amDfC6LqWT%2B%2BTXG5UgqIUq%2B3iPShVV0DgyDqZx7zCXFoQn5TeYMBHu"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb62774f228c30-EWR

GET
H3 200 AWH-Cover1.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 770 KB
770 KB 103ms
103ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2018/06/AWH-Cover1.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4497d0c3c70278eb9e9a2bafd2dcbb30d0da5a89ed74099456202b2ee39e994c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2590202
alt-svc: h3=":443"; ma=86400
content-length: 788295
last-modified: Fri, 12 Aug 2022 15:48:37 GMT
server: cloudflare
etag: "62f67655-c0747"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gFzbC%2FIzBXvlrBSQZalIeBjN843PyvnPIFJintJsWSIMO89o1V0oZ9bEPmyt7LaFS%2BH4Xr1GPI7JIIEadpW1jnLv9z09oM7Hruh746yPIXdtJs0664J09AxRR%2FfGjumiaKT6wuFHGzDyxzjkp4gFWsAyzx7y"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb62775f2a8c30-EWR

GET
H3 200 Cover-OnlineVersion_NEW.jpg
autoimmunewellness.com/wp-content/uploads/2015/09/ 208 KB
208 KB 102ms
102ms Image
image/jpeg 2606:4700:3033::6815:2fe9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://autoimmunewellness.com/wp-content/uploads/2015/09/Cover-OnlineVersion_NEW.jpg

Requested by

Host: p.a2lmo8v1r.xyz
URL: https://p.a2lmo8v1r.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:2fe9 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

661a4243cf5ff51e76b35e0e50bf5581fca425ba99c946aae662e30fc760c0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
content-security-policy: upgrade-insecure-requests
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2508834
alt-svc: h3=":443"; ma=86400
content-length: 212750
last-modified: Fri, 12 Aug 2022 15:48:45 GMT
server: cloudflare
etag: "62f6765d-33f0e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktG%2FiHIuUvmEBUV%2Fg%2BjzjCsmYcTqqJBH4nlKYctQxAIC2R3xAJpYVydDXa6VEwRwcepYmT4bx%2BtjQCnuty8ks9HB2MHK8vw%2BzhTFee0M%2FDEUzZvpvlxaNjnM7gl0CphtNEUBZt08iynmIAPi9faMVd85v5hR"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 83cb62775f2c8c30-EWR

OPTIONS
H2 200 events
form.flodesk.com/forms/64a9e30417cf480e0b5fa9d8/ 0
0 28ms
28ms Preflight 2600:9000:20aa:c000:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/64a9e30417cf480e0b5fa9d8/events
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:c000:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://p.a2lmo8v1r.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: *
content-length: 0
date: Thu, 28 Dec 2023 17:04:49 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers
via: 1.1 4f9e9e3e8a2a5cea2848aac8473267f2.cloudfront.net (CloudFront)
x-amz-cf-id: wpJPWLbonQvCKXnsnPFi6Ncrx6mQos-DFcoxr4aJnXT-jh2r-JfC6A==
x-amz-cf-pop: IAD89-C2
x-cache: Miss from cloudfront

POST
H2 200 events Show response
form.flodesk.com/forms/64a9e30417cf480e0b5fa9d8/ 5 B
275 B 36ms
36ms XHR
application/json 2600:9000:20aa:c000:f:9de7:2240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://form.flodesk.com/forms/64a9e30417cf480e0b5fa9d8/events
Requested by: Host: assets.flodesk.com
URL: https://assets.flodesk.com/650.580e29ede6657aee2d7e.mjs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20aa:c000:f:9de7:2240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 12cf623b335ff94b09f6ad5b8a1872467473da89059ac87ab383a8caee35d064

Request headers

Referer: https://p.a2lmo8v1r.xyz/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Thu, 28 Dec 2023 17:04:50 GMT
via: 1.1 4f9e9e3e8a2a5cea2848aac8473267f2.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD89-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
content-length: 5
x-amz-cf-id: p54LMLT7_IUffSmupY8LLp1ofxPA6tJABzVBNXxOTyurvdeyS3CEWA==

GET
H2 200 p.gif
p.typekit.net/ 35 B
205 B 133ms
78ms Image
image/gif 2600:1408:c400:2c::17de:48f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ytn8dbr&ht=tk&h=p.a2lmo8v1r.xyz&f=25629.25630.25631.25632.25633.25634.25637.25638&a=3817992&js=1.21.0&app=typekit&e=js&_=1703783089959
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48f Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: en-US,en;q=0.9
Referer: https://p.a2lmo8v1r.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:50 GMT
last-modified: Fri, 28 Jul 2023 12:39:08 GMT
server: nginx
etag: "64c3b6ec-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 l
use.typekit.net/af/393a58/00000000000000000001771d/27/ 20 KB
20 KB 16ms
16ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/393a58/00000000000000000001771d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 709374afd4dff7f475003e15d5fc2f0a50d9afe20bd3e95ba063758229ffeafe

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "9ea39d472050dbac5b634ff8b08dd04449a587b8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20140

GET
H2 200 l
use.typekit.net/af/8d84f0/00000000000000000001771f/27/ 19 KB
19 KB 17ms
16ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8d84f0/00000000000000000001771f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a92eef548e30cee1b4f02d6910892da7c8ca271d9f8043a2e3f9e5237402b88e

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "558db8f2254ec94e60b708c0bf81f88bba2b7f65"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19752

GET
H2 200 l
use.typekit.net/af/4e8f1c/00000000000000000001771b/27/ 19 KB
19 KB 37ms
36ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4e8f1c/00000000000000000001771b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e8fd1a4ddc838148ddb16b4111f250aaebc12fa595445c04e621874f8e7201ee

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "1e4bb09579655e22898b075fa98e078d99f5b015"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19768

GET
H2 200 l
use.typekit.net/af/625a3c/000000000000000000017724/27/ 20 KB
20 KB 37ms
37ms Font
application/font-woff2 2600:1408:c400:2c::17de:48b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/625a3c/000000000000000000017724/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:1408:c400:2c::17de:48b Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 97fb4708fa522aa19ef6be15dd7002225d4b179a3e5dfa479df01bdda8375a92

Request headers

Referer: https://p.a2lmo8v1r.xyz/
Origin: https://p.a2lmo8v1r.xyz
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Thu, 28 Dec 2023 17:04:49 GMT
server: nginx
etag: "9399c09e1ad3bd361cecbd97b64a840cd74f11fc"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20160

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.a2lmo8v1r.xyz/	1970-01-21 02:52:23	Name: _ga_HND72M21ZB Value: GS1.1.1703783088.1.0.1703783088.0.0.0
.a2lmo8v1r.xyz/	1970-01-21 02:52:23	Name: _ga Value: GA1.1.1658188591.1703783089
.p.a2lmo8v1r.xyz/	1970-01-21 02:52:23	Name: __utma Value: 130211662.1658188591.1703783089.1703783089.1703783089.1
.p.a2lmo8v1r.xyz/	1969-12-31 23:59:59	Name: __utmc Value: 130211662
.p.a2lmo8v1r.xyz/	1970-01-20 21:39:11	Name: __utmz Value: 130211662.1703783089.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.p.a2lmo8v1r.xyz/	1970-01-20 17:16:23	Name: __utmt Value: 1
.p.a2lmo8v1r.xyz/	1970-01-20 17:16:24	Name: __utmb Value: 130211662.1.10.1703783089

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://p.a2lmo8v1r.xyz/wp-content/plugins/gtranslate/flags/svg/en.svg Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aiwellness.wpengine.com
assets.flodesk.com
autoimmune-paleo.com
autoimmunewellness.com
buttons-config.sharethis.com
cdnjs.cloudflare.com
code.jquery.com
daks2k3a4ib2z.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
form.flodesk.com
l.sharethis.com
maxcdn.bootstrapcdn.com
necolas.github.io
p.a2lmo8v1r.xyz
p.typekit.net
platform-api.sharethis.com
ssl.google-analytics.com
stats.g.doubleclick.net
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
13.225.195.6
13.32.207.125
18.116.146.56
2600:1408:c400:2c::17de:48b
2600:1408:c400:2c::17de:48f
2600:9000:20aa:c000:f:9de7:2240:93a1
2600:9000:20e2:be00:f:b2f5:a240:93a1
2600:9000:250b:3000:c:abe:f440:93a1
2606:4700:3031::6815:1c7e
2606:4700:3033::6815:2fe9
2606:4700:3034::ac43:8462
2606:4700::6811:190e
2606:4700::6812:acf
2606:50c0:8002::153
2607:f8b0:4004:c07::61
2607:f8b0:4004:c08::8a
2607:f8b0:4004:c09::5f
2607:f8b0:4004:c1b::5e
2607:f8b0:4004:c1b::61
2607:f8b0:4004:c1d::9a
2a04:4e42:200::649
35.226.151.233
01406c7813ca723d8c2cfe2ea12b84ebb6a0f59f18157d0e6d8d78c6adbf3c48
02022090a128f827a73275b9769fa1fa0e099daee90bd62d2fa8f430f25bcd26
0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf
0ebbdf8eb5c3a5d4fc0ae6905d3412fb12025834bb526eb121d68407fae7536b
0f66213216d83c3325b395ec7fb537d56e02afffa733b14f28f431ab04f7f681
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12cf623b335ff94b09f6ad5b8a1872467473da89059ac87ab383a8caee35d064
15fe0ea1dfa766a7e26466acf5f0017f889b13b7e0f3f8cb9cc90e2e5c3c482f
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
292bf8d61b62a6955a1caaea01836ea4c2df9a84c34e0fc9a0691bddd23b537f
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
4497d0c3c70278eb9e9a2bafd2dcbb30d0da5a89ed74099456202b2ee39e994c
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
47bd0459b956c9ab9e6940b8a38a318b83a56d8dc13962357b2fc5b6138df09f
47bd3866d67c6470ff420960ca0a2a44ce66ec8c88271b7cf99600529376b56c
4a1f1fbd7cae138f690aec083e31e485cfeaab806591228c6dd6ebe71ae982e8
4da345d0a59b80f29122537bc5e007b74f532f3dede23fc82bbab48faf06c6c3
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
54cc16e3d4bbf098040139a27883b54e3297f0c7931e5d0064bbdf2701dd1317
556c52e85ecfd0ada2ecc434384e36115a3048dad8c48db01ab35c0b0c0eda09
56743fb13c30a99e8674206ba266611a9ca40cd3b527b7ab459ed97d25fe4845
5738ce1247069f178bffbd1c3a4c0b29fbc7f51b6afb0ab20bae8db0915ef34b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
622edc39d6a1187c6243c73070fd0252afba3af18990c4952a9752816824c392
661a4243cf5ff51e76b35e0e50bf5581fca425ba99c946aae662e30fc760c0b8
670436067c74b747e4277b04931e435c29946f5f61d8418c7e8dcf6743f360c0
709374afd4dff7f475003e15d5fc2f0a50d9afe20bd3e95ba063758229ffeafe
72f42398709658d270987d46d4474ce31dff6514a4c924198483d93887b338c2
7417c5da0a35da8defb2434923e89cf1fa5f64f23c7d6c19818e77881d428c94
7886f0fabb454d5d05279431058babc8e94e262c92fef1950f4077da7aa7547c
7b66cd35e6475f8c6a348033b51487292fda25da91c72045cdd93b7fcbca7f9f
7bf9f0a3979ff1eecc80fbb62abb7e3071a344c194e39d7b06362bdda7ca0628
7cc3c51ff449e73e52a1fcda9a3b9e5a980d02ec85a8ee8cf81f63cfa29766e9
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857e95f5d003bd04be798e18b5a83268cbffb657badfd6701627a516a9540ecb
89eea08902a502c4ee4eb0ced07988e768e55964b1184b5c4de2354546c2d50d
8d53c13bb6561a9cb1e9bd3fe8fd095d21587938f43aff7fea04c80c02836a40
92a9c134de3c4d96c607a48cb759b7852dee00692f29f588e2450ca966bef00a
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9453b17588f3b5b974aaec2950f3e887492cd2e57863d46241dd706186f4fd62
97fb4708fa522aa19ef6be15dd7002225d4b179a3e5dfa479df01bdda8375a92
990f173e7ce9870ca0b082937cb9e6945ad0c318fa8c73ec6d0df05379fef6e0
99cbf8461e06bcc64daaaba6ff5a06ac695e03b10687151091966afaccff6dd7
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9be0fc9cf8261849673d9e1f1aeed3a5f116ae77b013826463ea7ac1b0a5de14
9d6de6e74db1db45d1110878298ced42790e9e8fb43d40a7748f12f7ae91b802
a8228547f5a0d01357ac44efd4789d69de3617e0a21a0a0b32155c8217733365
a92eef548e30cee1b4f02d6910892da7c8ca271d9f8043a2e3f9e5237402b88e
ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629
b69279bdd3c7f603016d20b0b18d9a98bfd61de1b96968bf20e0ad7e6149a257
bcfca8990efd74127c2691d9c5d44d448edcc2d4372bfb469326dd947f4648f6
be46e53117144f19f998cc38886635ece607ee47f32880b6f91a50d2e9c68124
c2171cb99fa0b38c1c427abe85c66025906ed6a0602b4ced85d10802f415714c
c4fcc74ecab8ed24dd9de68c0adc45b08c0b6f5105f8e2bf35b1dcbcb93b9ae2
c56af93517522834ec0ff79c58f0b330c61e9606d89f4801ff00b836fd2244ac
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
c99a0c4536ccd93c1f19147a4e4abdca478c8c8f472946f627e659f8dd7a2d7c
d850cadc389cddf7db20085f5612d9b09bf590126117283f284ecaa5f2dc8543
db58fbdd3b4cd12d729fd5d21a19ddc484943744299fc98c7103c0e4d1e5ae76
dee9eb50d5d1614e2d524152d8557029d4587881bdd706512732713ce4caa7cd
df8f44081c6ce8517dc973654bee1300b7c12642adbd646ecc83e2132692d365
e1e04b876d769e39d9b54e88e20e60a1258ec858473a8f216c76ce19daba9ebc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e8fd1a4ddc838148ddb16b4111f250aaebc12fa595445c04e621874f8e7201ee
eb4ce77b79f50cd1ca072086ea2dffbb1077de4922232bc7ad1f72ae12b8cb67

p.a2lmo8v1r.xyz Open in urlscan Pro 2606:4700:3031::6815:1c7e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

76 Requests

95 %HTTPS

82 %IPv6

17 Domains

22 Subdomains

21 IPs

1 Countries

14405 kBTransfer

16047 kBSize

7 Cookies

63 Outgoing links

Redirected requests

76 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

p.a2lmo8v1r.xyz Open in urlscan Pro
2606:4700:3031::6815:1c7e Public Scan

Screenshot
Live screenshot

Full Image

76
Requests

95 %
HTTPS

82 %
IPv6

17
Domains

22
Subdomains

21
IPs

1
Countries

14405 kB
Transfer

16047 kB
Size

7
Cookies

76 HTTP transactions
1 data transactions