| firefox.settings.services.mozilla.com/v1/ | 54.230.111.7 | 200 OK | 939 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/ IP: 54.230.111.7:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators Hash: 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qHL3bq0cI13TCaTCWuNK2nvC4J7JpgVhwSTjiBsW0JHvAAcAuF6_QA==
Age: 13380
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: eabb7d9ffae717f7305d63c057755470 3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Wed, 05 Oct 2022 20:25:29 GMT
Date: Wed, 05 Oct 2022 19:30:18 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 4ab7d8709d334de0e46dcb86aabfbff1 f221138a8ad9d0bfa3c054370dcdb363a67dc310 b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5569
Expires: Wed, 05 Oct 2022 21:03:07 GMT
Date: Wed, 05 Oct 2022 19:30:18 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL: HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP: 34.160.144.191:0
File type: PEM certificate, ASCII text Hash: 67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: R3lqwT5IgjPmg0khHopyyIPFdNNy7juJtVfOWuNnYOm2a+9aofM8MY/JA0u6izZBOLrdqJDEcjM=
x-amz-request-id: 76VCNTFT6TNYQRSP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 05 Oct 2022 18:30:26 GMT
age: 3592
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/ | 104.16.16.194 | 302 Found | 483 B |
IP: 104.16.16.194:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with very long lines (468) Hash: d41b103190d7247e9edfda8412353b8b 8e622a54595e7ed5efe4b6f7378525af5468b983 756f50e74f2b526a472689d36dd2a862cacbb0e2ea1879362688a2faa5182f10
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET / HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 05 Oct 2022 19:30:18 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://wellnesstoday02.com/prodentim
CF-Ray: 75589231f8a8b51d-OSL
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store
Vary: Accept-Encoding
CF-Cache-Status: BYPASS
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Request-Method: *
Pragma: no-cache
Status: 302 Found
X-Frame-Options: ALLOWALL
X-Powered-By: Phusion Passenger Enterprise 6.0.7
X-Rack-Cache: miss
X-Request-Id: 0e8ca577b3fa014cd18a696dcbf1539a
X-Runtime: 0.191778
Set-Cookie: __cf_bm=XOzn2H_IJgjGZC19gV5JhW7UwezRwKgj625LBvkMEI8-1664998218-0-AYKQZ1DcAPHv8hWbOTuU0BTrARsxyli+7hPauFCT5d4isoYqGMgVGWVpMgz7bBqKRiLHMHd7FWoRYNuaq1/KCwrEv2YicCG5TLyP38x02Jul; path=/; expires=Wed, 05-Oct-22 20:00:18 GMT; domain=.wellnesstoday02.com; HttpOnly; SameSite=None
Server: cloudflare
alt-svc: h2=":443"; ma=60
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL: HTTP/2 contile.services.mozilla.com/v1/tiles IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators Hash: 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 05 Oct 2022 19:30:18 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| assets.clickfunnels.com/images/closemodal.png | 104.16.16.194 | 200 OK | 672 B |
URL: HTTP/2 assets.clickfunnels.com/images/closemodal.png IP: 104.16.16.194:0
File type: RIFF (little-endian) data, Web/P image; data Hash: 19754ed4d508cf576c80cf36e0db8c50 f459beac714e5be68aa75349fa806a5642af456a 5216f197f782f4bb872e02a677986af90a488015910f8d3864b796ad68dbd389
GET /images/closemodal.png HTTP/1.1
Host: assets.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: image/webp
content-length: 672
cf-ray: 755892377e33b509-OSL
accept-ranges: bytes
access-control-allow-origin: *
age: 1807261
cache-control: public, max-age=2678400
content-disposition: inline; filename="closemodal.webp"
etag: "630e9cfc-314"
expires: Sat, 05 Nov 2022 19:30:19 GMT
last-modified: Tue, 30 Aug 2022 23:27:56 GMT
strict-transport-security: max-age=0
vary: Accept, Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=788
set-cookie: __cf_bm=y3F5T.nM3EWppGCSipZe6cb8K0Su6dXAGE0ecKrtkCc-1664998219-0-ASy8PxsYzEPco1jXJJnGu6l6zCGtTe5Pj5aYCYre5XzVZJI0xLwaNfipaMgLaZwFOd6/cNdca6oka2ckO971LuJ9tlX27SINrKLIjv6m0Q6L; path=/; expires=Wed, 05-Oct-22 20:00:19 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: b0e8a79f3e381ab34a44278947ac7c7e 70d01e6fdc8565c661b6ae8c5a043ddf2da16530 885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 54.230.111.7 | 200 OK | 329 B |
URL: HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP: 54.230.111.7:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators Hash: 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Wed, 05 Oct 2022 19:10:22 GMT
Expires: Wed, 05 Oct 2022 19:38:44 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Fa-3EnsuY8DZlaPFqmYk486EIvUCzGDGfZ6_pOQfNnQZregxZEQsfg==
Age: 1197
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.3 | 200 OK | 471 B |
IP: 142.250.74.3:0
Hash: b0e8a79f3e381ab34a44278947ac7c7e 70d01e6fdc8565c661b6ae8c5a043ddf2da16530 885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: 1561c6be7c89d1357a80d12de47b6e74 9a705277922ecca583c867af58b3efce099f83bd e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4255
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:19 GMT
Last-Modified: Wed, 05 Oct 2022 18:19:24 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 100.20.30.105 | 101 Switching Protocols | 0 B |
URL: HTTP/1.1 push.services.mozilla.com/ IP: 100.20.30.105:0
Hash: d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: am5i19QzpimmTVoHHcnx2w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tHQmN+4d5kBtNVhS8BZxGpEHA1M=
|
|
| wellnesstoday02.com/hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png | 104.16.15.194 | 200 OK | 258 kB |
URL: HTTP/2 wellnesstoday02.com/hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png IP: 104.16.15.194:0
File type: PNG image data, 1040 x 788, 8-bit colormap, non-interlaced; data Size: 258 kB (258227 bytes) Hash: fc22f3f21ffe3f48cd3ff16ccb8218c5 44ca1eaa53bdb5a17064a4bc6f23413e8db9ed2e 26cbc3d6b15f4e23b13e85747252a353456d4ebdd7976ae1904bce533c3deaec
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /hosted/images/1f/f02a7b1e8d4b03a99fe05f8c3dcee9/AD-Images.png HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: image/png
content-length: 258227
cf-ray: 755892372da4b4f1-OSL
accept-ranges: bytes
cache-control: max-age=31536000
etag: "fc22f3f21ffe3f48cd3ff16ccb8218c5"
last-modified: Tue, 20 Sep 2022 17:30:58 GMT
cf-cache-status: MISS
x-amz-cf-pop: OSL50-P1
vary: Accept-Encoding
server: cloudflare
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: b3791fae35fa0754166a153c17b4d33c 2416c0ebeb59a5dbb874c88a747242fa03e32bb6 6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:20 GMT
Last-Modified: Wed, 05 Oct 2022 18:50:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| connect.facebook.net/en_US/fbevents.js | 31.13.72.12 | 200 OK | 27 kB |
URL: HTTP/2 connect.facebook.net/en_US/fbevents.js IP: 31.13.72.12:0
File type: ASCII text, with very long lines (64348) Hash: e1327a02d76346c7e23d114e4e508b30 195b8ad875ab8f7a7adf735f1f70aa02b3a2e1a3 331e67b451c6559915b12ab2df810ccdba73b3971c5301b2010b54dd6d391de2
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: 6wLWgD0M94rhIshofCYd/8ORw4kXViZEgicpzBTSSerkizMnOCaRk87U0yw92e72WV6qgAod70JcedYnYm81Jw==
priority: u=3,i
content-length: 26840
x-fb-trip-id: 1904183273
date: Wed, 05 Oct 2022 19:30:20 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash: b3791fae35fa0754166a153c17b4d33c 2416c0ebeb59a5dbb874c88a747242fa03e32bb6 6ed8a41c16f75035977b43d3574fc577c3473b46db106480c4a64ca72462458a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2402
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 05 Oct 2022 19:30:20 GMT
Last-Modified: Wed, 05 Oct 2022 18:50:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
|
|
| wellnesstoday02.com/vendor.js | 104.16.15.194 | 200 OK | 91 kB |
URL: HTTP/2 wellnesstoday02.com/vendor.js IP: 104.16.15.194:0
Hash: d8f6bd7ada37a6caeaeb36ff280e5e74 19d7b5aafea651b220be7de2612da24b00b3355c e783f4a30425035b1ebf9bf41d0c31a8a1c31a7346391e6b7219b65e2432d8e1
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /vendor.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: application/javascript
cf-ray: 7558923abb0ab4f1-OSL
access-control-allow-origin: *
cache-control: max-age=900, public
etag: W/"7422e50efbaea439fda7ef3b0eb54ee1"
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 581e49c9b7bdd06dab54c00931f4256b223e620e
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss, store
x-request-id: 3c89b519ec5d4d4524f8584863eba926
x-runtime: 0.031067
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| js-agent.newrelic.com/nr-1216.min.js | 151.101.86.137 | 200 OK | 14 kB |
URL: HTTP/2 js-agent.newrelic.com/nr-1216.min.js IP: 151.101.86.137:0
File type: ASCII text, with very long lines (32022) Hash: b7c09cc097b2847f9edc784adba62dcb 5aa648623cf5e3b4b215fe5d068a7904c59f2925 6da450b6a3ba53bdab36f6529e987a245cdfca9a37b77790f06dfd8d5797bdaa
GET /nr-1216.min.js HTTP/1.1
Host: js-agent.newrelic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Vf9xsFZHH0UI6bmTnW+KeBzegICGOxvtMLIWtbljNKoJtdkUEk/MfmbYPFui+bgtiUf/4lC5dk8=
x-amz-request-id: 4AV5AVKCCR961CNG
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-type: application/javascript
server: AmazonS3
cache-control: public, max-age=7200, stale-if-error=604800
content-encoding: gzip
accept-ranges: bytes
date: Wed, 05 Oct 2022 19:30:20 GMT
via: 1.1 varnish
x-served-by: cache-bma1659-BMA
x-cache: HIT
x-cache-hits: 6306
x-timer: S1664998221.590173,VS0,VE0
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
content-length: 14391
X-Firefox-Spdy: h2
|
|
| bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken | 162.247.241.14 | 200 OK | 72 B |
URL: HTTP/1.1 bam.nr-data.net/1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken IP: 162.247.241.14:0
File type: ASCII text, with no line terminators Hash: 107d93e382e2c9b00fbf9fb0edc65d86 77e750e3ebf9706f4f6dd253785602d70be17c6c a1ee50b689ea433a0acdccbf4ee4629e9ea3f9c4bcdd21effb334359a2f9e937
GET /1/NRJS-fc902efb332119fff33?a=367981416&v=1216.487a282&to=dFZWTENWVQ9QExdNRlJLSFlWXEpMRQBfXUYYSU1aXVBKC1AF&rst=2393&ck=1&ref=https://wellnesstoday02.com/prodentim&ap=495&be=775&fe=2073&dc=1498&perf=%7B%22timing%22:%7B%22of%22:1664998218470,%22n%22:0,%22f%22:527,%22dn%22:578,%22dne%22:579,%22c%22:580,%22s%22:583,%22ce%22:600,%22rq%22:601,%22rp%22:743,%22rpe%22:745,%22dl%22:758,%22di%22:1481,%22ds%22:1498,%22de%22:1593,%22dc%22:2072,%22l%22:2072,%22le%22:2180%7D,%22navigation%22:%7B%7D%7D&fcp=1097&jsonp=NREUM.setToken HTTP/1.1
Host: bam.nr-data.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 05 Oct 2022 19:30:21 GMT
Content-Type: text/javascript
Transfer-Encoding: chunked
Connection: keep-alive
CF-Ray: 755892408abe0b65-OSL
Access-Control-Allow-Origin: *
Set-Cookie: JSESSIONID=8f7211dad86bd224; Path=/; Domain=.nr-data.net; Secure; SameSite=None
CF-Cache-Status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Cross-Origin-Resource-Policy: cross-origin
Vary: Accept-Encoding
Server: cloudflare
Content-Encoding: gzip
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0 ASN: #20940 Akamai International B.V.
Hash: 55331c1dc7e7ebbf456220986278469d d69a62ee47b03fde68db666512417dda2ae5ad13 a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4444
Expires: Wed, 05 Oct 2022 20:44:25 GMT
Date: Wed, 05 Oct 2022 19:30:21 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data Hash: 4fc2ddd86450d64d3fb659ab4e78be58 bbe71936b78a8c34d03ab87948dc840b35c6948f 84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: szhtD9f4RuQaDKXe7LElSR0yOKo9cYa1i2YMeG3eSpBXP8ePcdzQig==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 07:29:32 GMT
age: 43249
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg | 34.120.237.76 | 200 OK | 7.0 kB |
URL: HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data Hash: 229c99cfb655a8c9f1a22de69fdff73c 6b5db8fbfb56f083d54b13e7660d0e4bc866aa00 f4099e9153c3dc481add95b0f24dbb8f6d65cc74ad5631d9cb6c6f2a0351843d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8857940-5ca2-44ba-8a66-f396a605d5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7021
x-amzn-requestid: 2e30bdac-360e-4d0a-8bb7-c3144e074abe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8ucHb1oAMFjYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7f5-18ba6bc50cb32b1e14c882bd;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sd2_YDHr3j7ym7wfFyQh9kg8FP-Et2nJUOo1v_TNbI3PvpzEY5KJ2Q==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:07:19 GMT
age: 76982
etag: "6b5db8fbfb56f083d54b13e7660d0e4bc866aa00"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg | 34.120.237.76 | 200 OK | 8.9 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 1de7c17a0ba9295135e7f8b490b6a8d3 70e8d1589f3daf71378965dd197934e220fb6aa4 ee559ce3166479e2b930be7d18525f5c2d164aed8ca005302ddaf3bfe37eec24
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5704624d-eb81-4a5b-bcb7-08db5681c677.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8926
x-amzn-requestid: 27fc8976-af8d-40a3-b701-0642fa135ec4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1GSbIAMFTiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-4d4c7837576e0fdb5828fe3b;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YzVofPSJC-YVU1Q1V9AnjNeQTa1BQEh6ZiH2HjSeeX5RygysFP7oAA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 78467
etag: "70e8d1589f3daf71378965dd197934e220fb6aa4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg | 34.120.237.76 | 200 OK | 3.6 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 5d7d7df8d4c440f9db445c3d99e818d6 612b6dbd4ba895c167964ff7e6d9263013b52b0a bf527a814c78f9e010cce4ba593c9146d54a2137d1f147f7a6250fbad81956ac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb178720-854c-4c9e-85c1-58cb5419ca69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3585
x-amzn-requestid: ccb6f0c8-4d9b-48b8-aaf6-16781dc4c86b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaHFlEcFoAMFS3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a5223-5c9276c873efee993ba54667;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 03:08:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: T8m1q2L45TWDVRBa-R2W70yq9BauBK3G4IX54AGIxdRhG736T974kg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:05:29 GMT
age: 55492
etag: "612b6dbd4ba895c167964ff7e6d9263013b52b0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg | 34.120.237.76 | 200 OK | 5.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 3257b782efae9b64e6e18a547866ec50 4daf0c001e86af8477fb097e8ca932edb8e5f981 899f9692e86405aa288d88dd285a6fe26bedab1a2ca4693212476063890b01a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23595c4d-609a-48f3-a52f-e88e478d7653.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5832
x-amzn-requestid: c4427edd-3d71-47d0-a2d3-b3bfed089535
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zf8s1FuUoAMFhBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ca7eb-46ddff150da4141d23fc0d8a;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 21:38:51 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: WWClzLGprno--c75q63i1TFi8oBEdAYW-J4lCk9V8IELQXe6q0A05A==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 21:42:34 GMT
age: 78467
etag: "4daf0c001e86af8477fb097e8ca932edb8e5f981"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg | 34.120.237.76 | 200 OK | 8.8 kB |
URL (HTTP/2): img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg | IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data | Hash: 100559d746bedd7c3802661c875c35ee 5261a6c2ee6d6cc87e91ee82e32d8be234db393e ff06f31267ddcc9a0d84ddc68932872bfed29d072783c3a1dd3790d41c280aec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78bf691d-76e8-4176-884d-dbc06604dded.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8816
x-amzn-requestid: b9f3ec8a-f478-4405-b275-e21f2d7d89d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZKK7gFPJIAMF-7Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333f1e3-250348e6140f3c74762263ea;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 07:04:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: F1ZWwxLKhRC6oSh6gnUxEm5AnYcY-mezJw9mNJ8GmNWnATAKx1JxSg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 22:42:26 GMT
age: 74875
etag: "5261a6c2ee6d6cc87e91ee82e32d8be234db393e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/prodentim | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/prodentim | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /prodentim HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/html; charset=utf-8
cf-ray: 755892353a6fb4f1-OSL
access-control-allow-origin: *
cache-control: max-age=60, public, s-maxage=600, r-maxage=10
last-modified: Tue, 20 Sep 2022 20:23:23 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
status: 200 OK
x-content-digest: 7f7c35662af0ef0ba3da87d5d49c26f2cff70821
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: fresh
x-request-id: da624b8655fe08222c196d0f6c9469ee
x-runtime: 0.487748
set-cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; path=/; expires=Wed, 05-Oct-22 20:00:19 GMT; domain=.wellnesstoday02.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/assets/userevents/application.js | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/assets/userevents/application.js | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /assets/userevents/application.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892372d9eb4f1-OSL
access-control-allow-origin: *
age: 310
cache-control: public, max-age=1200
etag: W/"633da86c-1353"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/all.css | 172.64.132.15 | 200 OK | 0 B |
URL (HTTP/2): use.fontawesome.com/releases/v5.9.0/css/all.css | IP: 172.64.132.15:0
GET /releases/v5.9.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
x-amz-id-2: vC8KBN503iyWKZzHxfJc5rs99Ocw4DSTaifdaL1SsWTbuhhIHZc4Cm+BPlh6dJ7ueugjQrc5cWE=
x-amz-request-id: F0PHW7H6699FG8TW
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29765241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uh7ZjqtXL8cASvdNWF%2BMpds4q0wU3BLsjIYTsowHK5NAvug2inF%2F2A%2FKDSoSW90FLl6wbfmWxilW%2FRPskVt0GAaPMNpEC0kXZEnRCameAH1Jehpxl5B%2B3aBCkOKs1hQgVHI4sbOQ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892378aba72de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | 142.250.74.10 | 200 OK | 0 B |
URL (HTTP/2): fonts.googleapis.com/css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 | IP: 142.250.74.10:0
GET /css?family=Open+Sans:400,700%7COswald:400,700%7CDroid+Sans:400,700%7CRoboto:400,700%7CLato:400,700%7CPT+Sans:400,700%7CSource+Sans+Pro:400,600,700%7CNoto+Sans:400,700%7CPT+Sans:400,700%7CUbuntu:400,700%7CBitter:400,700%7CPT+Serif:400,700%7CRokkitt:400,700%7CDroid+Serif:400,700%7CRaleway:400,700%7CInconsolata:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 05 Oct 2022 19:30:19 GMT
date: Wed, 05 Oct 2022 19:30:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/cdn-cgi/rum? | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/cdn-cgi/rum? | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
POST /cdn-cgi/rum? HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 8891
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd; _fbp=fb.1.1664998220496.1902550565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/plain
access-control-allow-origin: https://wellnesstoday02.com
access-control-allow-methods: POST,OPTIONS
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 7558923f29f8b4f1-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/assets/lander.js | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/assets/lander.js | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /assets/lander.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892373dadb4f1-OSL
access-control-allow-origin: *
age: 302
cache-control: public, max-age=1200
etag: W/"633da8bf-239130"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:54:39 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/favicon.ico | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/favicon.ico | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /favicon.ico HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: image/x-icon
cf-ray: 7558923c8dc9b4f1-OSL
access-control-allow-origin: *
etag: W/"633da86c-3aee"
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | 172.64.132.15 | 200 OK | 0 B |
URL (HTTP/2): use.fontawesome.com/releases/v5.9.0/css/v4-shims.css | IP: 172.64.132.15:0
GET /releases/v5.9.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
x-amz-id-2: HpuDfuJOnoRBIn1oGWh6kpnFISyPAhBcUuSh2sgaSOixf+diILYpFUsoF1uDkiR93wgKGECAn7k=
x-amz-request-id: F0PPGVAN5CXAHSGM
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
etag: W/"e140a7d32f343530f016095df3cc2ae4"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 29765241
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ls7gfCUNyFwmXMwI%2F8TbnYheyanFjfXirlPBqB7XHH7AdP3CWu2vKQsTd0MkSQZwyisFnrxIAbv8KpQPqh6%2BWD6dSmEOXoeudfVGnE2wk9G2l4iQD0j6fGkziPHV9i%2FyrYmqupoH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892378abd72de-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | 172.64.156.26 | 200 OK | 0 B |
URL (HTTP/2): static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 | IP: 172.64.156.26:0
GET /beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 755892377fa5b515-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim | 104.16.13.194 | 202 Accepted | 0 B |
URL (HTTP/2): app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim | IP: 104.16.13.194:0
GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniqueVisitorsCreatedSummary&nonce=f43ad9a1-de18-4347-b076-2d1a911880ee&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b1bf21c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 3c1484a77fa07caa28ec034d3b8bed5e
x-runtime: 0.033807
set-cookie: __cf_bm=EmQdjTPFkkuW8iciRzD4yGO5lSg7nLl.reacSIMYDSk-1664998220-0-AavtOdWXL8pLmry9UVqwsWKlt0YU5utO75/1683ecVJ+1In1XWTB06HfC9Z2r4pYWzb6qG2rpYM8G8gFnfj4TYFhl0IFBjdqZBO/YNLJ0lL1; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer= | 104.16.15.194 | 200 OK | 0 B |
URL (HTTP/2): wellnesstoday02.com/images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer= | IP: 104.16.15.194:0
Analyzer: quad9 | Verdict: Sinkholed | Alert: (empty)
GET /images/background.png?_unique=0.6466193667731427&_uniqueVisitorID=null&_type=WINDOW&_location=ttps%3A//wellnesstoday02.com/prodentim&_title=Wellness%20Today&_key=r517nwx1&_page_key=ry19bpn0mucn7cw9&_fid=12415250&_fspos=1&_fvrs=1&_funnel_stat=1&_location=https://wellnesstoday02.com/prodentim&_referrer= HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP; cf:aff_sub2=; cf:aff_sub3=; cf:aff_sub=; cf:affiliate_id=; cf:cf_affiliate_id=; cf:content=; cf:medium=; cf:name=; cf:source=; cf:term=; cf:NTYyMTAxMTQ=:visited=true; cf:visitor_id=5252de48-df59-4731-9d61-4780cbe6f509; addevent_track_cookie=97bacebd-ca38-4a69-d177-1adea4d126bd; _fbp=fb.1.1664998220496.1902550565
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/javascript; charset=utf-8
cf-ray: 7558923e7903b4f1-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store, private
strict-transport-security: max-age=0
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
status: 200 OK
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 6b9b692b28969453cb2e891501740a46
x-runtime: 0.021986
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/assets/lander.css | 104.16.15.194 | 200 OK | 0 B |
URL HTTP/2wellnesstoday02.com/assets/lander.css IP104.16.15.194:0
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /assets/lander.css HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: text/css
cf-ray: 755892370d6db4f1-OSL
access-control-allow-origin: *
age: 303
cache-control: public, max-age=1200
etag: W/"633da86c-6a514"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| wellnesstoday02.com/assets/pushcrew.js | 104.16.15.194 | 200 OK | 0 B |
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /assets/pushcrew.js HTTP/1.1
Host: wellnesstoday02.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://wellnesstoday02.com/prodentim
Cookie: __cf_bm=.LkAp.o4SFCKlTXEGVv_sJIE3SQ6xtAtCMb0RK2UZ7w-1664998219-0-AZNSI3DkfG3MeD5kqcilHnQfAoq6wVyTOMa8yGftqOVwatu1wJjNpSLTwIM3m/ZeEzrgBTaMtwiyD2zo6jaof1NXixa2V7aDs9MaFyUpyblP
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 05 Oct 2022 19:30:19 GMT
content-type: application/x-javascript
cf-ray: 755892373db0b4f1-OSL
access-control-allow-origin: *
age: 850
cache-control: public, max-age=1200
etag: W/"633da86c-27d"
expires: Wed, 05 Oct 2022 19:50:19 GMT
last-modified: Wed, 05 Oct 2022 15:53:16 GMT
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=e2c6b6f8-e762-4b35-8f2f-9eb84a43975f&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim | 104.16.13.194 | 202 Accepted | 0 B |
GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::UniquePageviewsCreatedSummary&nonce=e2c6b6f8-e762-4b35-8f2f-9eb84a43975f&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b1bfe1c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 35ab64c0ce3b0ef29ba8c6211cc82973
x-runtime: 0.027536
set-cookie: __cf_bm=Vxew9ZCPIui2kxjiRjnFfzXI8THP.enfuiq11Gh0V24-1664998220-0-AQkr/v9tszIXHrg59p63ZqDis0YfqTeIWlenFhufOb3/gAatu6F1dRwGzQ2cPo4xk4Pa+0tN9SpUDPWG9seFNFFZuryK1yY7otw+rpW/Hgna; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|
| app.clickfunnels.com/userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=6216f8f9-fa29-4d36-9d38-fffb24e51fed&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim | 104.16.13.194 | 202 Accepted | 0 B |
GET /userevents/?funnel_id=ZVhyOG8yVk1xQ0dQMTh4YXovYnMrZz09LS1GUU1MWTR5ZGNFMGIyQmJFbmFTWll3PT0%3D--f0014cf14880dfadd180c2a2c3059fc464087088&page_id=bmZQNmRZUmttSnI5QXhwM3Jab0F5dz09LS1JeTkwcXZzSTI2em1FYmdiSnR0bnpBPT0%3D--3e4ca8a626caecd11fd7311fe1e31b273f85f9e1&funnel_step_id=SDMvc1A3d3M1OTdUQW53djNiaTNjZz09LS1sM1VVUE0yWmpPdnhvc0ptNVE1YVRBPT0%3D--2a464c1f6101fb0e1d09d5de127a9cbe4b8f3225&user_id=c2JHcE40aTkxYzl6V3VIc1JlcTNhUT09LS1XVWh2YU5tZUxjdHV0ZkJ5N21jbXRRPT0%3D--ff81d6004aa25352e72274b5f467af1858c109b6&account_id=R2VxQmJnbGRlZERaaEQ3RnAyWDJRQT09LS1WVU52TkZ5ZFJaMUY1REpxVVNlUmhBPT0%3D--32d24f437900faef9e00ebb52d37693d094e8de3&page_code=NTYyMTAxMTQ%3D&mode_id=1&time_zone=Mountain%20Time%20(US%20%26%20Canada)&app_domain=app.clickfunnels.com&aff_sub2=&aff_sub3=&aff_sub=&affiliate_id=&cf_affiliate_id=&content=&medium=&name=&source=&term=&client_width=1268&type=Userevents::PageviewsCreatedSummary&nonce=6216f8f9-fa29-4d36-9d38-fffb24e51fed&url=https%3A%2F%2Fwellnesstoday02.com%2Fprodentim HTTP/1.1
Host: app.clickfunnels.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://wellnesstoday02.com
Connection: keep-alive
Referer: https://wellnesstoday02.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 202 Accepted
date: Wed, 05 Oct 2022 19:30:20 GMT
content-type: text/html
cf-ray: 7558923b0be41c12-OSL
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=0
vary: Accept-Encoding
cf-cache-status: BYPASS
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-request-method: *
pragma: no-cache
status: 202 Accepted
x-frame-options: ALLOWALL
x-powered-by: Phusion Passenger Enterprise 6.0.7
x-rack-cache: miss
x-request-id: 44bb9f3b2546e567bcce4136e3d9b3b9
x-runtime: 0.045331
set-cookie: __cf_bm=ZvJH2UqmS.v0E8pndNHX0c1mA2B2aOJi9XOAmEuwzMU-1664998220-0-AUNyxGF2L2HjQ1xNouNHSwNrnRecp4XR+mFzeT0TGj87q9X1WucIEtHYlbrdAj7hQlV2I+OhdtV0983jFIVLJMY/QEKiPRTA/3P+QDnYciJg; path=/; expires=Wed, 05-Oct-22 20:00:20 GMT; domain=.clickfunnels.com; HttpOnly; Secure; SameSite=None
server: cloudflare
X-Firefox-Spdy: h2
|
|