urlscan.io logo urlscan.io
SecurityTrails logo

portal.ayco.com Open in urlscan Pro
23.201.254.214  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://wellness.ayco.com/appointment
Effective URL: https://portal.ayco.com/VerifyEmail
Submission: On December 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 7 domains to perform 60 HTTP transactions. The main IP is 23.201.254.214, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is portal.ayco.com.
TLS certificate: Issued by DigiCert SHA2 Extended Validation Ser... on November 7th 2023. Valid for: a year.
This is the only time portal.ayco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 104.126.37.169 20940 (AKAMAI-ASN1)
8 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 65.9.95.96 16509 (AMAZON-02)
1 54.171.181.145 16509 (AMAZON-02)
20 23.201.254.214 16625 (AKAMAI-AS)
2 63.140.62.135 15224 (OMNITURE)
1 34.223.74.168 16509 (AMAZON-02)
60 8
24    104.126.37.169 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-37-169.deploy.static.akamaitechnologies.com
wellness.ayco.com
8    2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
2    65.9.95.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-96.prg50.r.cloudfront.net
cdn.appdynamics.com
1    54.171.181.145 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-181-145.eu-west-1.compute.amazonaws.com
dpm.demdex.net
20    23.201.254.214 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-254-214.deploy.static.akamaitechnologies.com
portal.ayco.com
2    63.140.62.135 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-135.data.adobedc.net
smetrics.marcus.com
1    34.223.74.168 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-223-74-168.us-west-2.compute.amazonaws.com
api.segment.io
Apex Domain
Subdomains		 Transfer
44 ayco.com
wellness.ayco.com
portal.ayco.com
5 MB
8 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 431
173 KB
2 marcus.com
smetrics.marcus.com — Cisco Umbrella Rank: 158576
562 B
2 appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4227
45 KB
1 segment.io
api.segment.io — Cisco Umbrella Rank: 1340 Failed
173 B
1 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 208
1 KB
0 sentry.io Failed
goldmansachs.my.sentry.io Failed
60 7
Domain Requested by
24 wellness.ayco.com wellness.ayco.com
cdn.appdynamics.com
20 portal.ayco.com wellness.ayco.com
portal.ayco.com
8 assets.adobedtm.com wellness.ayco.com
assets.adobedtm.com
cdn.appdynamics.com
portal.ayco.com
2 smetrics.marcus.com portal.ayco.com
2 cdn.appdynamics.com wellness.ayco.com
cdn.appdynamics.com
1 api.segment.io wellness.ayco.com
portal.ayco.com
1 dpm.demdex.net assets.adobedtm.com
0 goldmansachs.my.sentry.io Failed wellness.ayco.com
60 8

This site contains links to these domains. Also see Links.

Domain
www.goldmansachs.com
www.finra.org
www.sipc.org
Subject Issuer Validity Valid
cdn-ak-pwm-ad-1.gs.com
DigiCert SHA2 Extended Validation Server CA		 2023-11-23 -
2024-11-26		 a year crt.sh
assets.adobedtm.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-11 -
2024-08-10		 a year crt.sh
*.appdynamics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-21 -
2024-07-21		 a year crt.sh
*.demdex.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2024-10-26		 a year crt.sh
www.ayco.com
DigiCert SHA2 Extended Validation Server CA		 2023-11-07 -
2024-11-05		 a year crt.sh
smetrics.marcus.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-26 -
2024-11-25		 a year crt.sh
*.segment.io
Amazon RSA 2048 M03		 2023-12-13 -
2025-01-11		 a year crt.sh

This page contains 1 frames:

Primary Page: https://portal.ayco.com/VerifyEmail
Frame ID: BE6D72519693309919F047A225ADE39A
Requests: 62 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Ayco | Please provide your email address

Page URL History Show full URLs

  1. https://wellness.ayco.com/appointment Page URL
  2. https://portal.ayco.com/VerifyEmail Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • adrum
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Page Statistics

60
Requests

97 %
HTTPS

14 %
IPv6

7
Domains

8
Subdomains

8
IPs

3
Countries

4834 kB
Transfer

16494 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wellness.ayco.com/appointment Page URL
  2. https://portal.ayco.com/VerifyEmail Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
appointment
wellness.ayco.com/ 		4 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8dc6f10544caa0edc52eb5aa0b69d98ed4dee4119c3149690676819160a2f833
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
access-control-allow-methods
POST
cache-control
no-store, no-cache, must-revalidate, max-age=0
content-encoding
gzip
content-length
1426
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
content-type
text/html; charset=utf-8
date
Sat, 16 Dec 2023 01:29:32 GMT
etag
"f88-60b60e8841480"
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
strict-transport-security
max-age=31536000; includeSubdomains; preload
vary
Accept-Encoding
x-akamai-transformed
9 3976 0 pmb=mTOE,2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
BasisGrotesque-Regular-Pro.woff2
wellness.ayco.com/static/fonts/ 		49 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/static/fonts/BasisGrotesque-Regular-Pro.woff2
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:29:32 GMT
content-length
50128
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"c3d0-60b60e8841480"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
launch-e60d273934f1.min.js
assets.adobedtm.com/607ae6100a11/ea22be519b1d/ 		321 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7a0f28c3740201764a370a992ebb4db300652826b31335814614efa9f584495b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:32 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 13:59:08 GMT
server
AkamaiNetStorage
etag
"42eade929ddf8e4a8a51d5acd1c1662e:1699451948.7412"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wellness.ayco.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
73402
expires
Sat, 16 Dec 2023 02:29:32 GMT
styles.2c23aa2c6039e674.css
wellness.ayco.com/ 		1 MB
107 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/styles.2c23aa2c6039e674.css
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b02aba9705fa4906e839d8091afca318e0e50c62867684e5ade334b510ac1983
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/appointment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:32 GMT
content-length
108177
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"10f08b-60b60e8841480-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:32 GMT
26417459
wellness.ayco.com/akam/13/ 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/akam/13/26417459
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
140fe00a1c4282b54bcfd81bda66b12ba226ee82c6970e7d2a936ae66ee085c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/appointment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 01:29:33 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 15:10:19 GMT
etag
"0b7922f8210941d313897e34c7bef67e980b05e302c8b03ebf6034ad1d489c3f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store
content-length
8773
expires
Sat, 16 Dec 2023 01:29:33 GMT
adrum-4.5.4.1467.js
cdn.appdynamics.com/adrum/ 		68 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
068522aef452a05e7e908b8550d82a3b84a6b6bfed04c86d006ced5e911f9821

Request headers

Referer
https://wellness.ayco.com/
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Mon, 11 Dec 2023 01:37:42 GMT
content-encoding
gzip
via
1.1 d9c696d6d0c92f63870873ced2895baa.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
431510
x-cache
Hit from cloudfront
last-modified
Fri, 02 Nov 2018 17:51:55 GMT
server
nginx/1.16.1
etag
W/"5bdc8ebb-11125"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
zhG2k09KHP-ZX-zoTNonRkcxHiqV94OBUu7kWWUp86TO1-ieEzDPCg==
polyfills.1b7d54747790f70c.js
wellness.ayco.com/ 		412 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/polyfills.1b7d54747790f70c.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
810196fa576e7df70aaf2dbdaf93df6d9db4842ba6d2c720eb6ab82f8e6642dd
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:32 GMT
content-length
138301
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"6710b-60b60e8841480-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:32 GMT
styles.3cb81d352e3d9cae.js
wellness.ayco.com/ 		312 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/styles.3cb81d352e3d9cae.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6545161b6eecf06bce83fc96037c31875bf72f95481b6f69a942eead1481c91a
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:32 GMT
content-length
101687
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"4e195-60b60e8841480-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:32 GMT
main.2426f3370b89d4d1.js
wellness.ayco.com/ 		319 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d6b4fdbd06f95ca9e917ddd0b9a4e66fa7c9fcf3f4198c825031d8629a2fc757
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:32 GMT
content-length
104547
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"4fc78-60b60e8841480-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:32 GMT
id
dpm.demdex.net/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.0.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=51857BAF56FBC1EC7F000101%40AdobeOrg&d_nsid=0&ts=1702690172807
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.171.181.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-181-145.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91fde9b51f1a432ce083535ad0d69b6813187c4918a4197122cf72766b34f6f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://wellness.ayco.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

dcs
dcs-prod-irl1-1-v054-0f36061c8.edge-irl1.demdex.com 2 ms
pragma
no-cache
date
Sat, 16 Dec 2023 01:29:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-tid
PtiE+e1oRb4=
vary
Origin
content-type
application/json;charset=utf-8
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
access-control-allow-credentials
true
content-length
608
expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sat, 16 Dec 2023 02:29:32 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:32 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sat, 16 Dec 2023 02:29:32 GMT
remoteEntry.js
wellness.ayco.com/appointment-scheduling-ui/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/appointment-scheduling-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fac04f771fb30e6818db5a26e670e56a02f92104a87dea44a1826bcc5574b076
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
48313
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:23:28 GMT
server
Apache
etag
"23ed4-60b61125bc000-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/group-events-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/group-events-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0d1debb6e876260c8076b03ffc98992ecf1b7b824ad8a6c096352e94cb889e7f
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103411
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:09:57 GMT
server
Apache
etag
"4f296-60b60e204df40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/life-events-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/life-events-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8be4318a202971eb48bace5ba814c9ea804cc4757b978de0b847e056823bc560
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103410
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:10:09 GMT
server
Apache
etag
"4f294-60b60e2bbfa40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/marketplace-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/marketplace-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
11aebd3999c5b61018723bacb2a6ecec463550eec459d0459c3a256bd9a9d8a1
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103407
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:10:11 GMT
server
Apache
etag
"4f296-60b60e2da7ec0-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/unlock-coach-access-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/unlock-coach-access-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b88bef52fef842839c2a7af8c2e4df796cb7952039ccd6db95cb7f3a4f1bfa4a
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103421
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:08:40 GMT
server
Apache
etag
"4f2b4-60b60dd6df200-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/wellness-assessment-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/wellness-assessment-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d4cd8fb5a47ce8242a4cbe97b53dad1f80401a2c932de216f31feaee7a852d0d
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103416
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:08:45 GMT
server
Apache
etag
"4f2b4-60b60ddba3d40-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
remoteEntry.js
wellness.ayco.com/wellness-public-ui/ 		317 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/wellness-public-ui/remoteEntry.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/appointment
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ed529ce8f7356abdb4787b6b2dc3c2919c9b281afc28f6d1360b1e6927fc650a
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/main.2426f3370b89d4d1.js
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
103405
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:08:54 GMT
server
Apache
etag
"4f2a9-60b60de439180-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
truncated
/ 		9 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		157 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
731.9dd1d474d3ddf67e.js
wellness.ayco.com/ 		3 MB
790 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/731.9dd1d474d3ddf67e.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/main.2426f3370b89d4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
204fe0dcc78d964e08b7588628e75c9444cdcf37c2aac95f2ca052b47fd109c3
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
806725
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:45 GMT
server
Apache
etag
"2d7c32-60b60e874d240-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
646.383308e855c5973d.css
wellness.ayco.com/ 		7 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/646.383308e855c5973d.css
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/main.2426f3370b89d4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cb58516dd31d8c05a3441b8e1024e69c3576efd0ab264f129e5ccef00de36856
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/appointment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
1612
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"1a2f-60b60e8841480-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/css; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
646.6c81ccebb25847c0.js
wellness.ayco.com/ 		520 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/646.6c81ccebb25847c0.js
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/main.2426f3370b89d4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cb6a045ad5219afad0984ae64d40ee4c64d0413ac2e4f8c9b7736f20e9b808cf
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/appointment
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
date
Sat, 16 Dec 2023 01:29:33 GMT
content-length
120836
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:45 GMT
server
Apache
etag
"81f18-60b60e874d240-gzip"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
access-control-allow-origin
https://wellness.ayco.com
content-type
application/x-javascript; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
expires
Sat, 16 Dec 2023 01:29:33 GMT
api
wellness.ayco.com/ 		381 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/api
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-journey-id
8c608a21-05e1-4ea2-914c-4b810bbe934e
accept-language
de-DE,de;q=0.9
x-requested-by
wellness.ayco.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://wellness.ayco.com/appointment
ADRUM
isAjax:true
sentry-trace
26645a2f58ba4dae8594a948f6d0d331-bec122ed9d723967-1

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
www-authenticate
Bearer error="invalid_token", error_description="Reference token could not be introspected"
x-content-type-options
nosniff
server
Apache
date
Sat, 16 Dec 2023 01:29:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
content-length
381
x-xss-protection
1; mode=block
api
wellness.ayco.com/ 		381 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/api
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-journey-id
8c608a21-05e1-4ea2-914c-4b810bbe934e
accept-language
de-DE,de;q=0.9
x-requested-by
wellness.ayco.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://wellness.ayco.com/appointment
ADRUM
isAjax:true
sentry-trace
26645a2f58ba4dae8594a948f6d0d331-b1f8891bc6bf6e4e-1

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
www-authenticate
Bearer error="invalid_token", error_description="Reference token could not be introspected"
x-content-type-options
nosniff
server
Apache
date
Sat, 16 Dec 2023 01:29:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
content-length
381
x-xss-protection
1; mode=block
api
wellness.ayco.com/ 		381 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/api
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-journey-id
8c608a21-05e1-4ea2-914c-4b810bbe934e
accept-language
de-DE,de;q=0.9
x-requested-by
wellness.ayco.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://wellness.ayco.com/appointment
ADRUM
isAjax:true
sentry-trace
26645a2f58ba4dae8594a948f6d0d331-b816579b1aa8bc7e-1

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
www-authenticate
Bearer error="invalid_token", error_description="Reference token could not be introspected"
x-content-type-options
nosniff
server
Apache
date
Sat, 16 Dec 2023 01:29:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
content-length
381
x-xss-protection
1; mode=block
api
wellness.ayco.com/ 		381 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/api
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

x-journey-id
8c608a21-05e1-4ea2-914c-4b810bbe934e
accept-language
de-DE,de;q=0.9
x-requested-by
wellness.ayco.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
content-type
application/json
accept
*/*
Referer
https://wellness.ayco.com/appointment
ADRUM
isAjax:true
sentry-trace
26645a2f58ba4dae8594a948f6d0d331-bfd8e0b386cf06df-1

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
www-authenticate
Bearer error="invalid_token", error_description="Reference token could not be introspected"
x-content-type-options
nosniff
server
Apache
date
Sat, 16 Dec 2023 01:29:34 GMT
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
text/html; charset=iso-8859-1
access-control-allow-origin
https://wellness.ayco.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
content-length
381
x-xss-protection
1; mode=block
adrum-ext.e0f1f4dad911a84d8042f3b4469843fa.js
cdn.appdynamics.com/ 		50 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.appdynamics.com/adrum-ext.e0f1f4dad911a84d8042f3b4469843fa.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.95.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-95-96.prg50.r.cloudfront.net
Software
nginx/1.16.1 /
Resource Hash
1461baa68e332079e547d163c54f92cd716c4c6e26bfd1d0dceddd809295f629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 30 Nov 2023 02:46:20 GMT
content-encoding
gzip
via
1.1 f18b0bd4a5b62e5fb49428cc4789689e.cloudfront.net (CloudFront)
x-amz-cf-pop
PRG50-C1
age
1377794
x-cache
Hit from cloudfront
last-modified
Fri, 02 Nov 2018 17:51:56 GMT
server
nginx/1.16.1
etag
W/"5bdc8ebc-c7df"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2678400, s-max-age=14400
timing-allow-origin
*
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id
mQFQbt05za9jEorX5jvHehVE0vVUE241_uN712pCpYzFfuPZEz0t8g==
pixel_26417459
wellness.ayco.com/akam/13/ 		0
599 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/akam/13/pixel_26417459
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://wellness.ayco.com/appointment
ADRUM
isAjax:true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sat, 16 Dec 2023 01:29:34 GMT
content-length
0
content-type
text/html
icon-defs.generated.svg
wellness.ayco.com/static/svg/ 		154 KB
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/static/svg/icon-defs.generated.svg
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/main.2426f3370b89d4d1.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/appointment
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:29:34 GMT
content-encoding
gzip
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:46 GMT
server
Apache
etag
"268fc-60b60e8841480"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
RC930a780a5d194c84a166451f7aee5e2b-source.min.js
assets.adobedtm.com/607ae6100a11/ea22be519b1d/b04050d7a4ca/ 		1 KB
794 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/b04050d7a4ca/RC930a780a5d194c84a166451f7aee5e2b-source.min.js
Requested by
Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.4.1467.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e4993c83e859d4a9c229eb53a18a1032ef16e5af90e972f413466f47607397f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:34 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 13:59:09 GMT
server
AkamaiNetStorage
etag
"25f27f9b18d5e5bceaa21ee21621dbfd:1699451949.571665"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://wellness.ayco.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
537
expires
Sat, 16 Dec 2023 02:29:34 GMT
BasisGrotesque-Regular-Pro.cc702c3b.14e27a296fba4d0a5155.woff2
wellness.ayco.com/ 		49 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://wellness.ayco.com/BasisGrotesque-Regular-Pro.cc702c3b.14e27a296fba4d0a5155.woff2
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/styles.2c23aa2c6039e674.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.126.37.169 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-126-37-169.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/styles.2c23aa2c6039e674.css
Origin
https://wellness.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-security-policy
frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
x-content-type-options
nosniff
date
Sat, 16 Dec 2023 01:29:34 GMT
content-length
50128
x-xss-protection
1; mode=block
last-modified
Thu, 30 Nov 2023 16:11:45 GMT
server
Apache
etag
"c3d0-60b60e874d240"
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Content-Type, X-Connection-ID, X-Requested-By, X-TMX-Profile-Complete, X-Request-Id, X-Journey-Id
p
api.segment.io/v1/ 		0
0
Primary Request VerifyEmail
portal.ayco.com/ 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/VerifyEmail
Requested by
Host: wellness.ayco.com
URL: https://wellness.ayco.com/646.6c81ccebb25847c0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
db90c4f04e0e3ea4847c5dd0d14bd84a3fb530e4c1a8c247220c9ec460ad058f
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellness.ayco.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5636
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Content-Type
text/html; charset=utf-8
Date
Sat, 16 Dec 2023 01:29:34 GMT
Expires
-1
Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Vary
Accept-Encoding
X-XSS-Protection
1; mode=block
x-content-type-options
nosniff
s63601025686780
smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LDQM/ 		43 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LDQM/s63601025686780?AQB=1&ndh=1&pf=1&t=16%2F11%2F2023%202%3A29%3A34%206%20-60&mid=04400830735180369541320830157292206673&aamlh=6&ce=UTF-8&pageName=us%3Aen%3Awellness%3Aerror%3Apage%3Ageneric-error&g=https%3A%2F%2Fwellness.ayco.com%2Fappointment&cc=USD&ch=error&server=wellness.ayco.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=04400830735180369541320830157292206673%7C2023-12-15%7C1&c3=8&c4=friday&c5=weekday&c6=new&c7=1&c8=new%20visitor&c9=2023-12-15%2008%3A29%3A34&v10=04400830735180369541320830157292206673&c11=not%20logged%20in&c22=en&c23=error&v23=not%20logged%20in&c24=page&v24=error%3Apage%3Ageneric-error&c25=generic-error&c31=D%3Dv50&c32=2023-12-15%2020%3A29%3A34&c33=8%3A29%20pm%7Cfriday%7Cweekday&c34=2023-12-15&v37=en&v38=error&v39=page&v40=generic-error&c44=us%3Aen%3Awellness%3Aerror%3Apage%3Ageneric-error&v47=landscape-primary&v50=https%3A%2F%2Fwellness.ayco.com%2Fappointment&v51=https%3A%2F%2Fwellness.ayco.com%2Fappointment&v58=2023-12-15%2008%3A29%3A34&v85=us%3Aen%3Awellness%3Aerror%3Apage%3Ageneric-error&v87=D%3Duser-agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=51857BAF56FBC1EC7F000101%40AdobeOrg&AQE=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellness.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 01:29:34 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 17 Dec 2023 01:29:34 GMT
server
jag
etag
3656499307276402688-4617523920205531307
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 15 Dec 2023 01:29:34 GMT
/
goldmansachs.my.sentry.io/api/16/envelope/ 		0
0
css2.0
portal.ayco.com/Content/CSS/ 		2 MB
223 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/Content/CSS/css2.0?v=XPDW7IaPw9Vtc7ZS7chE1bUBqOPf3PcXTG5L_RVEM3k1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
68a48966e3286845f5a77e199c05abb1485d04de91a7816f3508ccc81bcac171
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
X-XSS-Protection
1; mode=block
Expires
-1
modernizrjs
portal.ayco.com/publicBundles/ 		11 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/modernizrjs?v=inCVuEFe6J4Q07A0AcRsbJic_UE5MwpRMNGcOtk94TE1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
4503
X-XSS-Protection
1; mode=block
Expires
-1
launch-e60d273934f1.min.js
assets.adobedtm.com/607ae6100a11/ea22be519b1d/ 		321 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
7a0f28c3740201764a370a992ebb4db300652826b31335814614efa9f584495b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:36 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 13:59:08 GMT
server
AkamaiNetStorage
etag
"42eade929ddf8e4a8a51d5acd1c1662e:1699451948.7412"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://portal.ayco.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
73402
expires
Sat, 16 Dec 2023 02:29:36 GMT
Wellness2Js
portal.ayco.com/publicBundles/ 		3 MB
821 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/Wellness2Js?v=8T0VIrDpGBzN4KWhRBFWDus0aQhNMwtnBSKWc1m8itc1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2febd9e4b0e22cb993123f3541fc3476cf52ce9232382a27bddbc584da09646e
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
X-XSS-Protection
1; mode=block
Expires
-1
verifyemail-large.png
portal.ayco.com/Scripts/wellness2-lite/static/images/assets/ 		769 KB
771 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.ayco.com/Scripts/wellness2-lite/static/images/assets/verifyemail-large.png
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
05fa2ca1cce3c8b0f18fe5f7476915fdecb703c62ea4ee0bcdad9cfb4129bc71
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Connection
keep-alive
Content-Length
787946
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:48 GMT
ETag
"04bba9a623da1:0"
Content-Type
image/png
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
verifyemail-small.png
portal.ayco.com/Scripts/wellness2-lite/static/images/assets/ 		18 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.ayco.com/Scripts/wellness2-lite/static/images/assets/verifyemail-small.png
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6daafc725f4cbc4243b66ff4635963e22e27e37a9b3790f616e817626deb639
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Connection
keep-alive
Content-Length
18370
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:48 GMT
ETag
"04bba9a623da1:0"
Content-Type
image/png
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
jquery
portal.ayco.com/publicBundles/ 		86 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/jquery?v=8Oos0avDZyPg-cbyVzvkIfERIE1DGSe3sRQdCSYrgEQ1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:35 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
31567
X-XSS-Protection
1; mode=block
Expires
-1
bootstrapjs
portal.ayco.com/publicBundles/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/bootstrapjs?v=hIU1wc6cJ9PIE4nO3wFeJ6jHiLl0aqxTcYWLHS_WkOY1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f1e9d172e8dc5e770ef636985bbe60988ed27dba4cf791ab24911f26722441d6
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
7938
X-XSS-Protection
1; mode=block
Expires
-1
angularjs
portal.ayco.com/publicBundles/ 		214 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/angularjs?v=Uh20tazmW_4yurBrJXoxiqnuDrkCeNNG4XI3mRYflH41
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c5f8152dc4de160073bbd73dea437a13537e52781398819661be6d8e54c3a73d
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
X-XSS-Protection
1; mode=block
Expires
-1
uimaskjs
portal.ayco.com/publicBundles/ 		8 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/uimaskjs?v=YnWsd5ZUhilX2ognetMmZI5lirtZskwtv_YXMyjuux81
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4ddcb75fe1289cd53a8c11f1996720b91f23d67fe777d4f68920e890378b1262
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
3080
X-XSS-Protection
1; mode=block
Expires
-1
aycojs
portal.ayco.com/publicBundles/ 		621 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/aycojs?v=F7v1OKuhOg8UabWRqWUolHj7FNRXi4gsu0JOqf7Faq41
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2ac0bc37d2fd84140e4bfac4f95e963f945d70cebcacb2e89ff1cb9d79504ce0
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
621
X-XSS-Protection
1; mode=block
Expires
-1
SegmentScript
portal.ayco.com/publicBundles/ 		93 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/SegmentScript?v=mc1ao0VLyTFw-WO26OuQmaY4PgzO6HYLfYH1WbgknaA1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
338c8f747f271dda5eb806bee0c8c741dc08ba944bf03f0b30c0b550c1aa2e2b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
27127
X-XSS-Protection
1; mode=block
Expires
-1
omniturejs
portal.ayco.com/publicBundles/ 		39 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/omniturejs?v=ebSTz89mcbpG681Az822S5_PaGY4YvyoJvPUESXONDc1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4b0106bd1ebb5a3a91b82525f10b901fad402c6ac3e6d43b2d281a53dde7b685
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
14846
X-XSS-Protection
1; mode=block
Expires
-1
moment
portal.ayco.com/publicBundles/ 		435 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/moment?v=M-MWdYUB4jKo1MmuplXgC9tTUKcE_uUZ0yWdIqWCKEU1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
1e41d3044d1c76e25fef8e62cfc705e4352d9bc6c839b8bab77bbc25385eb4f3
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
X-XSS-Protection
1; mode=block
Expires
-1
analyticsjs
portal.ayco.com/publicBundles/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/analyticsjs?v=etECi5JEPf8ste3yhVHkchDfP3DhnDOoFyeEKoKg2Dk1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
3f070059de628a7928e1055f583f3a7d970e485224c82d330b6029f3ec9e7caf
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Content-Length
2280
X-XSS-Protection
1; mode=block
Expires
-1
videojs
portal.ayco.com/publicBundles/ 		235 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/publicBundles/videojs?v=czRCted37qiWUPHCmH25o-pAy2xiNSJmmCzdn_s6MGA1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
01aa40bd9c98ddf43a5b5288471bb60ec875d02235068770d3782100d282c4eb
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma
no-cache
Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/javascript; charset=utf-8
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Connection
keep-alive, Transfer-Encoding
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
X-XSS-Protection
1; mode=block
Expires
-1
BasisGrotesque-Regular-Pro.ttf
portal.ayco.com/Content/fonts/Basis/ 		141 KB
142 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/Content/fonts/Basis/BasisGrotesque-Regular-Pro.ttf
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/Content/CSS/css2.0?v=XPDW7IaPw9Vtc7ZS7chE1bUBqOPf3PcXTG5L_RVEM3k1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
240b92c555e7da01a2d660d629adad361f3c026c3718b9e5c335efa42a903127
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.ayco.com/Content/CSS/css2.0?v=XPDW7IaPw9Vtc7ZS7chE1bUBqOPf3PcXTG5L_RVEM3k1
Origin
https://portal.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Connection
keep-alive
Content-Length
143908
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:44 GMT
ETag
"0aa58a7a623da1:0"
Content-Type
application/octet-stream
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
icon-defs.generated.svg
portal.ayco.com/static/svg/ 		155 KB
45 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/static/svg/icon-defs.generated.svg
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5a4e921e32b45fbe03c1be846ffbfefdf75032a4cf921dd507751ad19fef7395
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:36 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:48 GMT
ETag
"04bba9a623da1:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:36 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"f259ee6445c19c2ce3c64a1b117a4f35:1597270192.577101"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://portal.ayco.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12184
expires
Sat, 16 Dec 2023 02:29:36 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:36 GMT
content-encoding
gzip
last-modified
Wed, 12 Aug 2020 22:09:52 GMT
server
AkamaiNetStorage
etag
"5dedcda2c8a6c3a51fd419d306427010:1597270192.857753"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://portal.ayco.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1594
expires
Sat, 16 Dec 2023 02:29:36 GMT
AYCO.svg
portal.ayco.com/Scripts/wellness2-lite/static/images/ 		6 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://portal.ayco.com/Scripts/wellness2-lite/static/images/AYCO.svg
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e6d94d254e5a3b7b107282d7cc850490d76b4f942848fb9de99e8f4b4daad904
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/VerifyEmail
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:38 GMT
Content-Encoding
gzip
Connection
keep-alive
Content-Length
2707
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:48 GMT
ETag
"04bba9a623da1:0"
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
BasisGrotesque-Regular-Pro.cc702c3b.14e27a296fba4d0a5155.woff2
portal.ayco.com/Content/CSS/ 		49 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://portal.ayco.com/Content/CSS/BasisGrotesque-Regular-Pro.cc702c3b.14e27a296fba4d0a5155.woff2
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/Content/CSS/css2.0?v=XPDW7IaPw9Vtc7ZS7chE1bUBqOPf3PcXTG5L_RVEM3k1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.201.254.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-201-254-214.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
Security Headers
Name Value
Content-Security-Policy default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
Strict-Transport-Security max-age=31536000, includeSubDomains, preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://portal.ayco.com/Content/CSS/css2.0?v=XPDW7IaPw9Vtc7ZS7chE1bUBqOPf3PcXTG5L_RVEM3k1
Origin
https://portal.ayco.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000, includeSubDomains, preload
Content-Security-Policy
default-src 'unsafe-inline' 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://dpm.demdex.net https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com https://assets.adobedtm.com https://api.segment.io; font-src 'self' data:; connect-src 'self' https://gsmosaic.tt.omtrdc.net/ https://dpm.demdex.net https://smetrics.marcus.com/ *.accounts.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://api.segment.io https://sdk.iad-05.braze.com; style-src 'self' 'unsafe-inline' https://www.timevaluecalculators.com/ https://use.edgefonts.net/ *.timetrade.co *.appointments.ayco.com *.ayco.com; img-src 'self' data: https://p.typekit.net/ https://www.ayco.com/ https://goldmansachs.122.2o7.net https://www.timevaluecalculators.com/ *.appointments.ayco.com *.ayco.com https://int.clientapache.imdwellness.site.gs.com:8000/ https://smetrics.marcus.com/; frame-ancestors 'self' https://ui-gs1-stag.timetrade.co https://oauth-gs1-stag.timetrade.co https://ui-gs1.timetrade.co https://oauth-gs1.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:*; frame-src 'self' *.timetrade.co *.appointments.ayco.com *.ayco.com *.gs.com:* https://gsmosaic.demdex.net/
x-content-type-options
nosniff
Date
Sat, 16 Dec 2023 01:29:38 GMT
Connection
keep-alive
Content-Length
50128
X-XSS-Protection
1; mode=block
Pragma
no-cache
Last-Modified
Thu, 30 Nov 2023 16:02:44 GMT
ETag
"0aa58a7a623da1:0"
Content-Type
application/font-woff
Access-Control-Allow-Origin
https://idfs.gs.com
Cache-Control
no-cache, no-store, must-revalidate, max-age=0,No-cache
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept, x-requested-by, x-journey-id
Expires
-1
RC930a780a5d194c84a166451f7aee5e2b-source.min.js
assets.adobedtm.com/607ae6100a11/ea22be519b1d/b04050d7a4ca/ 		1 KB
793 B 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/b04050d7a4ca/RC930a780a5d194c84a166451f7aee5e2b-source.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/607ae6100a11/ea22be519b1d/launch-e60d273934f1.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
e4993c83e859d4a9c229eb53a18a1032ef16e5af90e972f413466f47607397f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 16 Dec 2023 01:29:38 GMT
content-encoding
gzip
last-modified
Wed, 08 Nov 2023 13:59:09 GMT
server
AkamaiNetStorage
etag
"25f27f9b18d5e5bceaa21ee21621dbfd:1699451949.571665"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://portal.ayco.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
537
expires
Sat, 16 Dec 2023 02:29:38 GMT
p
api.segment.io/v1/ 		21 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.segment.io/v1/p
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/publicBundles/SegmentScript?v=mc1ao0VLyTFw-WO26OuQmaY4PgzO6HYLfYH1WbgknaA1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.223.74.168 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-223-74-168.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://portal.ayco.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://portal.ayco.com
date
Sat, 16 Dec 2023 01:29:38 GMT
strict-transport-security
max-age=31536000
content-length
21
vary
Origin
content-type
application/json
s64901581453115
smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LDQM/ 		43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://smetrics.marcus.com/b/ss/gsmwellnessprod/1/JS-2.22.0-LDQM/s64901581453115?AQB=1&ndh=1&pf=1&t=16%2F11%2F2023%202%3A29%3A38%206%20-60&mid=04400830735180369541320830157292206673&aamlh=6&ce=UTF-8&pageName=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Averify_email_login&g=https%3A%2F%2Fportal.ayco.com%2FVerifyEmail&r=https%3A%2F%2Fwellness.ayco.com%2F&cc=USD&ch=prelogin&server=portal.ayco.com&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&v1=04400830735180369541320830157292206673%7C2023-12-15%7C1&c3=8&c4=friday&c5=weekday&c6=new&c7=1&c9=2023-12-15%C2%A008%3A29%3A38&v10=04400830735180369541320830157292206673&c11=not%20logged%20in&c22=en&c23=prelogin&v23=not%20logged%20in&c24=login&v24=prelogin%3Alogin%3Averify_email_login&c25=verify_email_login&c28=us%3Aen%3Awellness%3Aerror%3Apage%3Ageneric-error&c29=100&c31=D%3Dv50&c32=2023-12-15%2020%3A29%3A38&c33=8%3A29%20pm%7Cfriday%7Cweekday&c34=2023-12-15&v37=en&v38=prelogin&v39=login&v40=verify_email_login&c44=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Averify_email_login&v47=landscape-primary&v50=https%3A%2F%2Fportal.ayco.com%2FVerifyEmail&v51=https%3A%2F%2Fportal.ayco.com%2FVerifyEmail&v58=2023-12-15%C2%A008%3A29%3A38&v85=us%3Aen%3Awellness%3Aprelogin%3Alogin%3Averify_email_login&v87=D%3Duser-agent&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=51857BAF56FBC1EC7F000101%40AdobeOrg&AQE=1
Requested by
Host: portal.ayco.com
URL: https://portal.ayco.com/VerifyEmail
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.135 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-135.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://portal.ayco.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Dec 2023 01:29:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
last-modified
Sun, 17 Dec 2023 01:29:38 GMT
server
jag
etag
3656499316452982784-4617748137963341573
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Fri, 15 Dec 2023 01:29:38 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.segment.io
URL
https://api.segment.io/v1/p
Domain
goldmansachs.my.sentry.io
URL
https://goldmansachs.my.sentry.io/api/16/envelope/?sentry_key=8e3c29f6b9334ab69f6d2742e79a1274&sentry_version=7

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| html5 object| Modernizr object| antiClickjack boolean| GS_UX_UITOOLKIT_DISABLE_COMPONENT_ANALYTICS object| _satellite boolean| __satelliteLoaded function| getTimeParting object| adobeDataLayer object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap object| s function| endOfDatePeriod function| PropService object| navProps object| mobileAppBannerService object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| React object| ReactDOM object| ReactRouterDOM object| webpackChunkwellness2 object| __gs_uitk_emotion_instance function| _ object| GS_UX_UITOOLKIT_VERSIONS object| wellness2 function| $ function| jQuery object| angular object| Ayco object| webpackChunk_wellness_segment_bundle object| __SEGMENT_INSPECTOR__ object| SegmentBundle object| analytics object| visitor function| moment string| section string| subSection string| contentTitle string| pg undefined| journeyId string| pagename string| timepart string| time string| hour string| day string| monthstr string| month string| year string| date string| datePart string| consentName function| videojs object| vttjs function| VTTRegion function| WebVTT boolean| IS_WELLNESS2_ENABLED object| freshLoadFromServer undefined| documentModeValue undefined| browserAlertElement string| ADL_pageEventName string| ADL_section string| ADL_subSection string| ADL_contentTitle object| topicName string| ADL_pagenameShort string| Segment_getPreviousValue string| ADL_loggedinStatus string| sID object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt object| s_i_gsmwellnessprod

19 Cookies

Domain/Path Name / Value
wellness.ayco.com/ Name: NSC_psjhjo.ipoftuepmmbs.dpn-443-wc
Value: 5ccba3d8746852c2efc4c1861f65f7e3ce257f172bb0693a90e6b33bb4644e1399e560f1
wellness.ayco.com/ Name: NSC_psjhjo.ipoftuepmmbs.dpn-443-wb
Value: 7c02a3dc6aa8b18fd764600ce92456dd5c238b73e0bdd9af3278cf95b1561002f8d9b8d1
.demdex.net/ Name: demdex
Value: 04728597289724321261351108844466429813
.ayco.com/ Name: AMCVS_51857BAF56FBC1EC7F000101%40AdobeOrg
Value: 1
.ayco.com/ Name: AMCV_51857BAF56FBC1EC7F000101%40AdobeOrg
Value: 359503849%7CMCMID%7C04400830735180369541320830157292206673%7CMCAAMLH-1703294973%7C6%7CMCAAMB-1703294973%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1702697373s%7CNONE%7CvVersion%7C5.0.1
.ayco.com/ Name: ak_bmsc
Value: 2F92B08B3C640273DB96051B41335012~000000000000000000000000000000~YAAQpSV+aOT+PGqMAQAAvTQ+cBYuq3PPrIiNVZQko6FfVeRpGIp8nQGb0eeYjROeMyLbWuIJnOVg/GWZizmyDpag2DxqWdkQD+E7D6GNOxZnEgE21MKu+lmYC1Wpsjdwy4ly+A9VEktnAtpGMaOr3dXuKDpYhn+6krLBzyUTywiRh6y5ZRsjCp4B9NFo0SsRlWrYtvi4d7+KXfk76pMdYCE7pcYX7yqTXKKOSKlWgbP4q0sIIR0PTt+wbrrN9LE4T4DiNUIxkKYTkzlQ6IMA0r0LrJVDfLEm8n65BbiBL6tfa4B2qdekL6+j4DD8nCnBA+oDj9NQsfpQxZ8m9rVadffI6+LJ8fKiDV7exVmPiwfw0OqO7mn3huU1+xtQuSFjDan6HID2pw4ERKeCOlOysDUBtRitQxTDgBDAsGiQ5qcYnBJ8zv4D1mXVpgus3bbu+NdCguYb5wRQ94oeMtZ21g4MeYGpbnL1/Ly5yck6ZANyDlO8x54Ea1sO/YQV
.ayco.com/ Name: deep_link_url
Value: https://wellness.ayco.com/appointment
.ayco.com/ Name: ajs_anonymous_id
Value: 04400830735180369541320830157292206673
.ayco.com/ Name: ADRUM
Value: s=1702690174294&r=https%3A%2F%2Fwellness.ayco.com%2Fappointment%3F0
.ayco.com/ Name: s_vnc365
Value: 1734226174334%26vn%3D1
.ayco.com/ Name: s_ivc
Value: true
.ayco.com/ Name: s_cc
Value: true
portal.ayco.com/ Name: ASP.NET_SessionId
Value: 4xrrdtqu5vlflcu03rfwkq3q
.ayco.com/ Name: s_pp
Value: prelogin%3Alogin%3Averify_email_login
.ayco.com/ Name: s_nr30
Value: 1702690178368-New
.ayco.com/ Name: s_dslv
Value: 1702690178368
.ayco.com/ Name: s_ppn
Value: us%3Aen%3Awellness%3Aprelogin%3Alogin%3Averify_email_login
.ayco.com/ Name: s_ppvl
Value: us%253Aen%253Awellness%253Aprelogin%253Alogin%253Averify_email_login%2C88%2C88%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP
.ayco.com/ Name: s_ppv
Value: us%253Aen%253Awellness%253Aprelogin%253Alogin%253Averify_email_login%2C88%2C88%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP

5 Console Messages

Source Level URL
Text
security error URL: https://wellness.ayco.com/appointment
Message:
Error parsing 'integrity' attribute ('sha512-Jp0niBJEbX6xml4d3QL9VOIjRYL3ThEindcKVq+eVOoD5khLPSCdZqb2QpsSpDnRl0IdJg6eIGovsCBL0Ph6iQ::'). The digest must be a valid, base64-encoded value.
network error URL: https://wellness.ayco.com/api
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://wellness.ayco.com/api
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://wellness.ayco.com/api
Message:
Failed to load resource: the server responded with a status of 401 ()
network error URL: https://wellness.ayco.com/api
Message:
Failed to load resource: the server responded with a status of 401 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-src gap: 'self' https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.demdex.net https://*.appointments.ayco.com https://*.doubleclick.net https://cdn.appdynamics.com; connect-src 'self' https://portal.ayco.com https://sdk.iad-05.braze.com https://goldmansachs.my.sentry.io https://cdn.segment.com https://api.segment.io https://maps.googleapis.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://*.marcus.com https://*.demdex.net https://gsmosaic.tt.omtrdc.net https://cdn.appdynamics.com https://prod.eum.appd.gs.com:443 http://prod.eum.appd.gs.com:443 https://*.clientgraphql.imdwellness.site.gs.com 'unsafe-inline' data:; img-src 'self' * data:; script-src 'self' https://consent.trustarc.com https://cdn.segment.com https://cdn.appdynamics.com https://maps.googleapis.com https://api.segment.io https://www.youtube.com https://accounts.ayco.com https://pilot-accounts.ayco.com https://assets.adobedtm.com https://cdn.jsdelivr.net https://prod.eum.appd.gs.com:443 https://www.google-analytics.com https://www.googleadservices.com https://s.yimg.com https://bat.bing.com https://connect.facebook.net http://prod.eum.appd.gs.com:443 https://www.googletagmanager.com https://snap.licdn.com https://*.marcus.com https://t.contentsquare.net https://googleads.g.doubleclick.net https://sp.analytics.yahoo.com 'unsafe-inline' 'unsafe-eval';
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.segment.io
assets.adobedtm.com
cdn.appdynamics.com
dpm.demdex.net
goldmansachs.my.sentry.io
portal.ayco.com
smetrics.marcus.com
wellness.ayco.com
api.segment.io
goldmansachs.my.sentry.io
104.126.37.169
23.201.254.214
2a02:26f0:3500:591::1e80
34.223.74.168
54.171.181.145
63.140.62.135
65.9.95.96
01aa40bd9c98ddf43a5b5288471bb60ec875d02235068770d3782100d282c4eb
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
05fa2ca1cce3c8b0f18fe5f7476915fdecb703c62ea4ee0bcdad9cfb4129bc71
068522aef452a05e7e908b8550d82a3b84a6b6bfed04c86d006ced5e911f9821
0d1debb6e876260c8076b03ffc98992ecf1b7b824ad8a6c096352e94cb889e7f
11aebd3999c5b61018723bacb2a6ecec463550eec459d0459c3a256bd9a9d8a1
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
140fe00a1c4282b54bcfd81bda66b12ba226ee82c6970e7d2a936ae66ee085c8
1461baa68e332079e547d163c54f92cd716c4c6e26bfd1d0dceddd809295f629
1e41d3044d1c76e25fef8e62cfc705e4352d9bc6c839b8bab77bbc25385eb4f3
204fe0dcc78d964e08b7588628e75c9444cdcf37c2aac95f2ca052b47fd109c3
240b92c555e7da01a2d660d629adad361f3c026c3718b9e5c335efa42a903127
2ac0bc37d2fd84140e4bfac4f95e963f945d70cebcacb2e89ff1cb9d79504ce0
2febd9e4b0e22cb993123f3541fc3476cf52ce9232382a27bddbc584da09646e
338c8f747f271dda5eb806bee0c8c741dc08ba944bf03f0b30c0b550c1aa2e2b
3f070059de628a7928e1055f583f3a7d970e485224c82d330b6029f3ec9e7caf
4b0106bd1ebb5a3a91b82525f10b901fad402c6ac3e6d43b2d281a53dde7b685
4ddcb75fe1289cd53a8c11f1996720b91f23d67fe777d4f68920e890378b1262
5a4e921e32b45fbe03c1be846ffbfefdf75032a4cf921dd507751ad19fef7395
6545161b6eecf06bce83fc96037c31875bf72f95481b6f69a942eead1481c91a
68a48966e3286845f5a77e199c05abb1485d04de91a7816f3508ccc81bcac171
7a0f28c3740201764a370a992ebb4db300652826b31335814614efa9f584495b
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
810196fa576e7df70aaf2dbdaf93df6d9db4842ba6d2c720eb6ab82f8e6642dd
84f05a3c1c4a200ffe226be6ef96bf7f95928b2b803130618ead7733677a5f2b
8be4318a202971eb48bace5ba814c9ea804cc4757b978de0b847e056823bc560
8dc6f10544caa0edc52eb5aa0b69d98ed4dee4119c3149690676819160a2f833
91fde9b51f1a432ce083535ad0d69b6813187c4918a4197122cf72766b34f6f8
9e83216908224ffbc39992a5e60f93ca21b8e2240ba28025ba679c4b70f7112d
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b02aba9705fa4906e839d8091afca318e0e50c62867684e5ade334b510ac1983
b88bef52fef842839c2a7af8c2e4df796cb7952039ccd6db95cb7f3a4f1bfa4a
c5f8152dc4de160073bbd73dea437a13537e52781398819661be6d8e54c3a73d
c6c9c55306e0cc0fbd50b3488121de96630e66f6744a6538e97e982d64144889
cb58516dd31d8c05a3441b8e1024e69c3576efd0ab264f129e5ccef00de36856
cb6a045ad5219afad0984ae64d40ee4c64d0413ac2e4f8c9b7736f20e9b808cf
d4cd8fb5a47ce8242a4cbe97b53dad1f80401a2c932de216f31feaee7a852d0d
d554361630709572f4c9e33d02ca5ae56275756099a62195513017a0421f73c2
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
d6b4fdbd06f95ca9e917ddd0b9a4e66fa7c9fcf3f4198c825031d8629a2fc757
db90c4f04e0e3ea4847c5dd0d14bd84a3fb530e4c1a8c247220c9ec460ad058f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4993c83e859d4a9c229eb53a18a1032ef16e5af90e972f413466f47607397f7
e6d94d254e5a3b7b107282d7cc850490d76b4f942848fb9de99e8f4b4daad904
e6daafc725f4cbc4243b66ff4635963e22e27e37a9b3790f616e817626deb639
ed529ce8f7356abdb4787b6b2dc3c2919c9b281afc28f6d1360b1e6927fc650a
f1e9d172e8dc5e770ef636985bbe60988ed27dba4cf791ab24911f26722441d6
fac04f771fb30e6818db5a26e670e56a02f92104a87dea44a1826bcc5574b076
ff6d14f77e27f7b90cb2f20bce408189f5f388961f3fcd13fe2df2cc0a002dc3