URL: https://www.nexiawellness.com/
Submission: On December 02 via automatic, source certstream-suspicious

Summary

This website contacted 7 IPs in 2 countries across 6 domains to perform 42 HTTP transactions. The main IP is 144.202.94.40, located in Seattle, United States and belongs to AS-CHOOPA, US. The main domain is www.nexiawellness.com.
TLS certificate: Issued by R3 on December 2nd 2020. Valid for: 3 months.
This is the only time www.nexiawellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
23 www.nexiawellness.com www.nexiawellness.com
5 d2p078bqz5urf7.cloudfront.net www.nexiawellness.com, d2p078bqz5urf7.cloudfront.net
4 fonts.gstatic.com www.nexiawellness.com
3 app.engagebay.com d2p078bqz5urf7.cloudfront.net
2 placehold.it www.nexiawellness.com
0 wordpress-503510-1620696.cloudwaysapps.com Failed www.nexiawellness.com
42 6

This site contains links to these domains.

Domain
bit.ly
Subject                 Issuer                                           Validity                  Valid
www.nexiawellness.com   R3                                               2020-12-02 - 2021-03-02   3 months
placehold.it            Let's Encrypt Authority X3                       2020-09-26 - 2020-12-25   3 months
*.gstatic.com           GTS CA 1O1                                       2020-11-03 - 2021-01-26   3 months
*.cloudfront.net        DigiCert Global CA G2                            2020-05-26 - 2021-04-21   a year
*.engagebay.com         Sectigo RSA Domain Validation Secure Server CA   2019-12-09 - 2022-01-26   2 years

This page contains 2 frames:

Primary Page: https://www.nexiawellness.com/
Frame ID: 61FE4F50A54C5F33ED6569152956A4C4
Requests: 40 HTTP requests in this frame

Frame: https://d2p078bqz5urf7.cloudfront.net/jsapi/css/min_v39.css
Frame ID: 3D30FDE00CE4C29C1D49DD19F78639E2
Requests: 2 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i
  • headers link /rel="https:\/\/api\.w\.org\/"/i
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
  • script /\/revslider\/[/\w-]+\/js/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

42 Requests
88 % HTTPS
83 % IPv6
6 Domains
6 Subdomains
7 IPs
2 Countries
981 kB Transfer
3573 kB Size
9 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

42 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.nexiawellness.com/
98 KB
15 KB
Document
General
Full URL
https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
609a6d4388eb628c8ad5fd8a4983e2570d2d051b5369fd1df58c7a6d0b5418c9

Request headers

:method
GET
:authority
www.nexiawellness.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Wed, 02 Dec 2020 07:52:51 GMT
content-type
text/html; charset=UTF-8
content-length
14854
link
<https://www.nexiawellness.com/wp-json/>; rel="https://api.w.org/", <https://www.nexiawellness.com/wp-json/wp/v2/pages/2240>; rel="alternate"; type="application/json", <https://www.nexiawellness.com/>; rel=shortlink
cache-provider
CLOUDWAYS-CACHE-DC
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 02 Dec 2020 07:52:49 GMT
age
1
x-cache
HIT
accept-ranges
bytes
style.min.css
www.nexiawellness.com/wp-includes/css/dist/block-library/
53 KB
8 KB
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:59:43 GMT
server
nginx
etag
W/"5fba449f-d293"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
theme.min.css
www.nexiawellness.com/wp-includes/css/dist/block-library/
2 KB
912 B
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.3
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:58:48 GMT
server
nginx
etag
W/"5fba4468-8aa"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
rs6.css
www.nexiawellness.com/wp-content/plugins/revslider/public/assets/css/
59 KB
13 KB
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.2.22
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
b86f3cdcccad303cb5300fab4d2774eafc3a2788f07ff1f3cd1953dd0debaa3f

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 11:01:49 GMT
server
nginx
etag
W/"5fba451d-ea95"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
style.min.css
www.nexiawellness.com/wp-content/themes/Avada/assets/css/
106 KB
20 KB
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-content/themes/Avada/assets/css/style.min.css?ver=7.1.1
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
c247ef258664c45ef724c5e6e8600e076b091187f9217b3f51d258b9e9227536

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 11:02:57 GMT
server
nginx
etag
W/"5fba4561-1a9bb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
style.css
www.nexiawellness.com/wp-content/themes/Avada-Child-Theme/
186 B
332 B
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-content/themes/Avada-Child-Theme/style.css?ver=5.5.3
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
2dc50d424a96415697f26f2c39b67c70b10e8a95fd108b4d981aafe222392cf2

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:58:57 GMT
server
nginx
etag
W/"5fba4471-ba"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
5858fad19397bfd6c98d84850774d8c4.min.css
www.nexiawellness.com/wp-content/uploads/fusion-styles/
1 MB
118 KB
Stylesheet
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
d912230d2fb61b8f1e3ba447a54e2d724d3ee0ed3f5add6d2b50aca730830e83

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Tue, 01 Dec 2020 01:27:18 GMT
server
nginx
etag
W/"5fc59bf6-1051fd"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
jquery.js
www.nexiawellness.com/wp-includes/js/jquery/
95 KB
33 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:57:54 GMT
server
nginx
etag
W/"5fba4432-17a69"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
rbtools.min.js
www.nexiawellness.com/wp-content/plugins/revslider/public/assets/js/
117 KB
44 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.2.22
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
9556bca5ad5eb24439887d7339fcb687088776bbaa995553aa489c9607cf9e19

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 11:01:45 GMT
server
nginx
etag
W/"5fba4519-1d25a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
rs6.min.js
www.nexiawellness.com/wp-content/plugins/revslider/public/assets/js/
319 KB
82 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.2.22
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
60f59e08903c3d0b70e928af542ded081c10a790b6c198c7026788b77f4256ac

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:51 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 11:00:36 GMT
server
nginx
etag
W/"5fba44d4-4fd58"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:51 GMT
Color-logo-no-background-e1599602160471.png
www.nexiawellness.com/wp-content/uploads/2020/09/
8 KB
8 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/09/Color-logo-no-background-e1599602160471.png
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
97915ca659ee3c87b8377615f95a26e244e20bd98af77d8dfc21823f91b835be

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 10:58:30 GMT
server
nginx
etag
"5fba4456-1f7d"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8061
expires
Fri, 01 Jan 2021 07:52:52 GMT
wp-emoji-release.min.js
www.nexiawellness.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:59:03 GMT
server
nginx
etag
W/"5fba4477-37a6"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:52 GMT
pexels-nathan-cowley-1199607-1-400x266.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
15 KB
15 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/pexels-nathan-cowley-1199607-1-400x266.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
7be71ea11d1f38248bdc9bfff17dfcccc85d315141d598b6c7fbb1416265d602

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 10:59:12 GMT
server
nginx
etag
"5fba4480-3bf6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15350
expires
Fri, 01 Jan 2021 07:52:52 GMT
jony-ariadi-QZub8Ni3x_c-unsplash-200x300.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
8 KB
9 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/jony-ariadi-QZub8Ni3x_c-unsplash-200x300.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
78d7f6b73382343400e1e078c4f76316038ab5ecc011c87c815fd1661ad27c43

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 11:06:03 GMT
server
nginx
etag
"5fba461b-21a1"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
8609
expires
Fri, 01 Jan 2021 07:52:52 GMT
emily-sea-coiWR0gT8Cw-unsplash-400x400.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
15 KB
15 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/emily-sea-coiWR0gT8Cw-unsplash-400x400.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
026c22e7ff72ceb359448451e80517b245784e70648c381b23088545d674a809

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 11:05:51 GMT
server
nginx
etag
"5fba460f-3ceb"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15595
expires
Fri, 01 Jan 2021 07:52:52 GMT
spiritualism-4552237_640-400x289.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
28 KB
28 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/spiritualism-4552237_640-400x289.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
c33dbe3c591693a9934edeffd6dc4703788f603abc77f9624ac54810c7147e6c

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 11:04:22 GMT
server
nginx
etag
"5fba45b6-6e9a"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
28314
expires
Fri, 01 Jan 2021 07:52:52 GMT
300x200
placehold.it/
1 KB
1 KB
Image
General
Full URL
https://placehold.it/300x200
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:91ff:fe60:d792 , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
630b55175e60b0b89d59794b5d33bffdfd6089052222fc1d6a016b9ed1eb395b

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 07:52:51 GMT
Last-Modified
Mon, 09 Nov 2020 18:00:08 GMT
Server
nginx/1.6.2
ETag
"5fa983a8-446"
X-Cache
L1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1094
Expires
Wed, 09 Dec 2020 07:52:51 GMT
essential-oils-3456303_640-400x232.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
25 KB
25 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/essential-oils-3456303_640-400x232.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
72c9e4d012aff2d59836ae7ed0d23d2bb4dd851348a49e293a196752989ea0ec

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 10:59:00 GMT
server
nginx
etag
"5fba4474-6511"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
25873
expires
Fri, 01 Jan 2021 07:52:52 GMT
anesthesia-4677401_640-400x266.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
16 KB
16 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/anesthesia-4677401_640-400x266.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
64ead97e2233886c88d5f97e30e21435a225d8329ed786bbfb65a043021f9ee1

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 10:59:19 GMT
server
nginx
etag
"5fba4487-3ff7"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16375
expires
Fri, 01 Jan 2021 07:52:52 GMT
scripts.js
www.nexiawellness.com/wp-content/plugins/contact-form-7/includes/js/
14 KB
4 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 10:59:36 GMT
server
nginx
etag
W/"5fba4498-3719"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:52 GMT
19f00b30a371855eb46db82caf046363.min.js
www.nexiawellness.com/wp-content/uploads/fusion-scripts/
1 MB
292 KB
Script
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/fusion-scripts/19f00b30a371855eb46db82caf046363.min.js?ver=3.1.1
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
bb7ae256d7819f60015a76f97d6501e1523dd10e93597e2635ffc7d5d3e4d256

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
last-modified
Wed, 02 Dec 2020 07:48:12 GMT
server
nginx
etag
W/"5fc746bc-1158c5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:52 GMT
wp-embed.min.js
www.nexiawellness.com/wp-includes/js/
1 KB
962 B
Script
General
Full URL
https://www.nexiawellness.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
last-modified
Sun, 22 Nov 2020 11:01:08 GMT
server
nginx
etag
W/"5fba44f4-59a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Fri, 01 Jan 2021 07:52:52 GMT
KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
fonts.gstatic.com/s/roboto/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxMKTU1Kg.woff
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ee971ab559e3a2c9b2392868f33fb90d3d17c8564846fd307781ed8acda16d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.nexiawellness.com
Referer
https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 30 Nov 2020 10:08:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:50 GMT
server
sffe
age
164653
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14320
x-xss-protection
0
expires
Tue, 30 Nov 2021 10:08:39 GMT
/
placehold.it/1950x1200/333333/ffffff/
8 KB
8 KB
Image
General
Full URL
https://placehold.it/1950x1200/333333/ffffff/
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:3c00::f03c:91ff:fe60:d792 , United States, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS
Software
nginx/1.6.2 /
Resource Hash
82be03fb41604d482c6d6f236c5af4d39388a33de74d9493f7e216f68583a71c

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Wed, 02 Dec 2020 07:52:51 GMT
Last-Modified
Mon, 09 Nov 2020 18:00:02 GMT
Server
nginx/1.6.2
ETag
"5fa983a2-1fdf"
X-Cache
L1
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8159
Expires
Wed, 09 Dec 2020 07:52:51 GMT
KFOlCnqEu92Fr1MmSU5fBBc-AMP6lQ.woff
fonts.gstatic.com/s/roboto/v20/
14 KB
14 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc-AMP6lQ.woff
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3af0442693e816f0d7f49a7658ee06cfaa4378cd8c570cd2fc8251e9715869f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.nexiawellness.com
Referer
https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:22:20 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:54 GMT
server
sffe
age
505832
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14520
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:22:20 GMT
icomoon.woff
wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
0
0

mem8YaGs126MiZpBA-UFVZ0df8pkAg.woff
fonts.gstatic.com/s/opensans/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0df8pkAg.woff
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef84687ea3887cb44dc4d52ec27569a7b65f6ac8c87356b72ae1568a0e3ea9a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.nexiawellness.com
Referer
https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 26 Nov 2020 11:21:02 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:27 GMT
server
sffe
age
505910
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12028
x-xss-protection
0
expires
Fri, 26 Nov 2021 11:21:02 GMT
fa-solid-900.woff2
wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
0
0

ehform.js
d2p078bqz5urf7.cloudfront.net/jsapi/
651 B
1 KB
Script
General
Full URL
https://d2p078bqz5urf7.cloudfront.net/jsapi/ehform.js
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:16:fcb5:d4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
b31bfd1543aed4c652776d147f06c2cccc0faebb257d7fe55c8656e661da7ad4

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 14:20:24 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Tue, 24 Nov 2020 14:12:30 GMT
server
nginx/1.10.1
age
667948
etag
"5fbd14ce-28b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
651
x-amz-cf-id
YSong8KUD8HDGBU31cYe-q9JZk06pJGN92vMmFe9H4JBgJ6owJgvtw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
mem5YaGs126MiZpBA-UNirkOUuhvKKSTjw.woff
fonts.gstatic.com/s/opensans/v18/
12 KB
12 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhvKKSTjw.woff
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:814::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
097e4f99ba05d11c37b77700d5769c4a4dc895a0fdc881bf47d55ccd6b5e6fb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.nexiawellness.com
Referer
https://www.nexiawellness.com/wp-content/uploads/fusion-styles/5858fad19397bfd6c98d84850774d8c4.min.css?ver=3.1.1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 01 Dec 2020 15:11:04 GMT
x-content-type-options
nosniff
last-modified
Tue, 15 Sep 2020 18:09:47 GMT
server
sffe
age
60108
content-type
font/woff
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12096
x-xss-protection
0
expires
Wed, 01 Dec 2021 15:11:04 GMT
v197.js
d2p078bqz5urf7.cloudfront.net/jsapi/min/
201 KB
62 KB
Script
General
Full URL
https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/ehform.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:16:fcb5:d4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
25b6a73799d0ecfb72d9dceed938ac25ed432343254d154af790fa136096f240

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 24 Nov 2020 14:20:24 GMT
content-encoding
gzip
last-modified
Tue, 24 Nov 2020 14:09:47 GMT
server
nginx/1.10.1
age
667948
etag
W/"5fbd142b-32279"
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
3wK1RSUPW6uBNukKBLDENjqzc-tIQxDNY8KUB6M4wcxN66S2Onr39w==
expires
Thu, 31 Dec 2037 23:55:55 GMT
min_v6.css
d2p078bqz5urf7.cloudfront.net/jsapi/css/iframe/
2 KB
935 B
Stylesheet
General
Full URL
https://d2p078bqz5urf7.cloudfront.net/jsapi/css/iframe/min_v6.css
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:16:fcb5:d4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
668c4ea01b5ad8f78a731ab245c4e23994efb33d0a6f525d5b0f42828b2e2591

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 21 Nov 2020 13:09:00 GMT
content-encoding
gzip
last-modified
Mon, 06 Apr 2020 12:16:31 GMT
server
nginx/1.10.1
age
931432
etag
W/"5e8b1d9f-844"
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
nns7aeEkNaO0SICGv1_AULZEiSdRg4N9NUe5nL5d7fNqmnATwoJ9qQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
leadgrabbers
app.engagebay.com/jsapi/rest/
2 KB
1 KB
XHR
General
Full URL
https://app.engagebay.com/jsapi/rest/leadgrabbers?apiKey=v77e6quv3fbrkpdkf6lbgncaag
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
900a88504926b5141507f5f03dd516b138c7734b124faafcd24763d9a6835c2e

Request headers

Accept
application/json
Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
HEAD, OPTIONS, GET, POST, PUT, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nexiawellness.com
x-cloud-trace-context
47673f31f20839ac0989765ae90596e0
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,Authorization
content-length
920
embed-forms
app.engagebay.com/jsapi/rest/
10 KB
3 KB
XHR
General
Full URL
https://app.engagebay.com/jsapi/rest/embed-forms?
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
27e4a598a97bb9dbd6da6173e723287e8935377a0d253183bdd123b484d11e04

Request headers

Accept
application/json
Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Dec 2020 07:52:53 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
HEAD, OPTIONS, GET, POST, PUT, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nexiawellness.com
x-cloud-trace-context
70ea4fc45b53341b1cd7853481709967
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,Authorization
content-length
3234
add-visitor
app.engagebay.com/jsapi/rest/
1 KB
675 B
XHR
General
Full URL
https://app.engagebay.com/jsapi/rest/add-visitor?
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
8fbe922525806d1e504f172da57a496525587394e3cdbd38c8ec4a2aad29418c

Request headers

Accept
application/json
Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
content-encoding
gzip
server
Google Frontend
vary
Accept-Encoding
access-control-allow-methods
HEAD, OPTIONS, GET, POST, PUT, DELETE
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.nexiawellness.com
x-cloud-trace-context
4441ab16c8441e068bfb339976d3f921
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
x-requested-with,Content-Type,Authorization
content-length
582
ben-kolde-FaPxZ88yZrw-unsplash.jpg
www.nexiawellness.com/wp-content/uploads/2020/10/
70 KB
71 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/10/ben-kolde-FaPxZ88yZrw-unsplash.jpg
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
ed75153ba3e6648be0183dda0481a9bb8173bdf3d120d3abf9c366ce24b5191d

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:52 GMT
last-modified
Sun, 22 Nov 2020 10:59:30 GMT
server
nginx
etag
"5fba4492-119b0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
72112
expires
Fri, 01 Jan 2021 07:52:52 GMT
icomoon.ttf
wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/
0
0

fa-solid-900.woff
wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
0
0

min_v39.css
d2p078bqz5urf7.cloudfront.net/jsapi/css/ Frame 3D30
61 KB
11 KB
Stylesheet
General
Full URL
https://d2p078bqz5urf7.cloudfront.net/jsapi/css/min_v39.css
Requested by
Host: d2p078bqz5urf7.cloudfront.net
URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:16:fcb5:d4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
68c057c12dc6ca6a5384381d7f59bce8513dd5697eb25a3934e995e0c8ec5f34

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 03 Sep 2020 17:07:23 GMT
content-encoding
gzip
last-modified
Thu, 03 Sep 2020 17:05:54 GMT
server
nginx/1.10.1
age
7742730
etag
W/"5f512272-f51c"
vary
Accept-Encoding,Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
vxor7e39wFmIDM_Vv2RwjPf4Y71gelTghuXwMBcei6-FWVLqpw_Pgw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
ebpowered.png
d2p078bqz5urf7.cloudfront.net/cloud/assets/email-img/ Frame 3D30
541 B
912 B
Image
General
Full URL
https://d2p078bqz5urf7.cloudfront.net/cloud/assets/email-img/ebpowered.png
Requested by
Host: www.nexiawellness.com
URL: https://www.nexiawellness.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:1c00:16:fcb5:d4c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
f5026fb35b64400aec74033cb557617aea2c0b847452a58f3d714229a6250c6f

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 15 Sep 2020 09:52:48 GMT
via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
last-modified
Tue, 03 Jul 2018 07:49:34 GMT
server
nginx/1.10.1
age
6732005
etag
"5b3b2a8e-21d"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=315360000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
541
x-amz-cf-id
L6dvVCb3SckVoDbo2H5uOcS-tYSXESg7wAAdKZUE58VmylGZ8fk7zQ==
expires
Thu, 31 Dec 2037 23:55:55 GMT
fa-solid-900.ttf
wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/
0
0

Color-logo-no-background-1-e1599602305323.png
www.nexiawellness.com/wp-content/uploads/2020/09/
17 KB
17 KB
Image
General
Full URL
https://www.nexiawellness.com/wp-content/uploads/2020/09/Color-logo-no-background-1-e1599602305323.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
144.202.94.40 Seattle, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
144.202.94.40.vultr.com
Software
nginx /
Resource Hash
21389f71563f14ef22ac87cfdf2091eaf30328ae4134b1f45e71af406e441b1a

Request headers

Referer
https://www.nexiawellness.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 02 Dec 2020 07:52:53 GMT
last-modified
Sun, 22 Nov 2020 11:01:15 GMT
server
nginx
etag
"5fba44fb-4241"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
16961
expires
Fri, 01 Jan 2021 07:52:53 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
wordpress-503510-1620696.cloudwaysapps.com
URL
https://wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.woff
Domain
wordpress-503510-1620696.cloudwaysapps.com
URL
https://wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Domain
wordpress-503510-1620696.cloudwaysapps.com
URL
https://wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/icomoon/icomoon.ttf
Domain
wordpress-503510-1620696.cloudwaysapps.com
URL
https://wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.woff
Domain
wordpress-503510-1620696.cloudwaysapps.com
URL
https://wordpress-503510-1620696.cloudwaysapps.com/wp-content/themes/Avada/includes/lib/assets/fonts/fontawesome/webfonts/fa-solid-900.ttf

273 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


9 Cookies

Domain/Path Name / Value
.nexiawellness.com/ Name: _engagebay_visitor_id
Value: 6572819174391808
.nexiawellness.com/ Name: v77e6quv3fbrkpdkf6lbgncaag-session
Value: 6de91187-8753-4a3e-a551-3ecb719c19ae
.nexiawellness.com/ Name: sbjs_session
Value: pgs%3D1%7C%7Ccpg%3Dhttps%3A%2F%2Fwww.nexiawellness.com%2F
.nexiawellness.com/ Name: sbjs_current
Value: typ%3Dtypein%7C%7Csrc%3D%28direct%29%7C%7Cmdm%3D%28none%29%7C%7Ccmp%3D%28none%29%7C%7Ccnt%3D%28none%29%7C%7Ctrm%3D%28none%29
.nexiawellness.com/ Name: sbjs_migrations
Value: 1418474375998%3D1
.nexiawellness.com/ Name: sbjs_first_add
Value: fd%3D2020-12-02%2008%3A52%3A52%7C%7Cep%3Dhttps%3A%2F%2Fwww.nexiawellness.com%2F%7C%7Crf%3D%28none%29
.nexiawellness.com/ Name: sbjs_udata
Value: vst%3D1%7C%7Cuip%3D%28none%29%7C%7Cuag%3DMozilla%2F5.0%20%28Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F83.0.4103.61%20Safari%2F537.36
.nexiawellness.com/ Name: sbjs_first
Value: typ%3Dtypein%7C%7Csrc%3D%28direct%29%7C%7Cmdm%3D%28none%29%7C%7Ccmp%3D%28none%29%7C%7Ccnt%3D%28none%29%7C%7Ctrm%3D%28none%29
.nexiawellness.com/ Name: sbjs_current_add
Value: fd%3D2020-12-02%2008%3A52%3A52%7C%7Cep%3Dhttps%3A%2F%2Fwww.nexiawellness.com%2F%7C%7Crf%3D%28none%29

2 Console Messages

Source Level URL
Text
console-api log URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js(Line 1)
Message:
setTrackDomain nexiawellness.com
console-api log URL: https://d2p078bqz5urf7.cloudfront.net/jsapi/min/v197.js(Line 1)
Message:
setTrackDomain nexiawellness.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
