itworkseu.com Open in urlscan Pro
2606:4700::6812:1460 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://vanessaor.itworkseu.com/
Effective URL:
https://itworkseu.com/
Submission: On June 16 via api (June 16th 2024, 7:56:34 pm UTC) from US — Scanned from DE

Summary HTTP 322 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 10 domains to perform 322 HTTP transactions. The main IP is 2606:4700::6812:1460, located in United States and belongs to CLOUDFLARENET, US. The main domain is itworkseu.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 29th 2024. Valid for: 10 months.

This is the only time itworkseu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
111	2606:4700::68... 2606:4700::6812:1460	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	172.217.16.202 172.217.16.202	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
10	151.101.130.217 151.101.130.217	54113 (FASTLY) (FASTLY)
11	104.18.16.131 104.18.16.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	52.207.169.67 52.207.169.67	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6812:1079	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	76.223.31.44 76.223.31.44	16509 (AMAZON-02) (AMAZON-02)
4	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6812:1183	13335 (CLOUDFLAR...) (CLOUDFLARENET)
47	104.18.17.131 104.18.17.131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
37	2a04:4e42::347 2a04:4e42::347	54113 (FASTLY) (FASTLY)
41	151.101.65.91 151.101.65.91	54113 (FASTLY) (FASTLY)
2	142.250.184.227 142.250.184.227	15169 (GOOGLE) (GOOGLE)
322	20

111 2606:4700::6812:1460 (United States)

ASN13335 (CLOUDFLARENET, US)

vanessaor.itworkseu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
itworkseu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.217.16.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.130.217 (San Francisco, United States)

ASN54113 (FASTLY, US)

app.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.18.16.131 (None, )

ASN13335 (CLOUDFLARENET, US)

services.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.207.169.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-169-67.compute-1.amazonaws.com

events.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1079 (United States)

ASN13335 (CLOUDFLARENET, US)

static.myitworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 76.223.31.44 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a1370dc23e25e46ce.awsglobalaccelerator.com

clientstream.launchdarkly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:1183 (United States)

ASN13335 (CLOUDFLARENET, US)

cmsproxy.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 104.18.17.131 (None, )

ASN13335 (CLOUDFLARENET, US)

cmsproxy.itworks.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a04:4e42::347 (United States)

ASN54113 (FASTLY, US)

assets-us-01.kc-usercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 151.101.65.91 (San Francisco, United States)

ASN54113 (FASTLY, US)

assets-us-01.kc-usercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
111	itworkseu.com vanessaor.itworkseu.com itworkseu.com	5 MB
78	kc-usercontent.com assets-us-01.kc-usercontent.com — Cisco Umbrella Rank: 61235	2 MB
61	itworks.com services.itworks.com — Cisco Umbrella Rank: 904813 cmsproxy.itworks.com — Cisco Umbrella Rank: 995851	87 KB
20	launchdarkly.com app.launchdarkly.com — Cisco Umbrella Rank: 809 events.launchdarkly.com — Cisco Umbrella Rank: 842 clientstream.launchdarkly.com — Cisco Umbrella Rank: 843	8 KB
9	gstatic.com fonts.gstatic.com	69 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 68 region1.google-analytics.com — Cisco Umbrella Rank: 2347	21 KB
8	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 391	257 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 79	188 KB
3	myitworks.com static.myitworks.com — Cisco Umbrella Rank: 876822	1 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 814	29 KB
322	10

	Domain	Requested by
78	assets-us-01.kc-usercontent.com
60	vanessaor.itworkseu.com	vanessaor.itworkseu.com
51	itworkseu.com	vanessaor.itworkseu.com itworkseu.com
50	cmsproxy.itworks.com	vanessaor.itworkseu.com itworkseu.com
11	services.itworks.com	vanessaor.itworkseu.com itworkseu.com
10	app.launchdarkly.com	vanessaor.itworkseu.com itworkseu.com
9	fonts.gstatic.com	vanessaor.itworkseu.com itworkseu.com
8	maps.googleapis.com	vanessaor.itworkseu.com maps.googleapis.com itworkseu.com
7	events.launchdarkly.com	vanessaor.itworkseu.com itworkseu.com
6	region1.google-analytics.com	www.googletagmanager.com
6	www.googletagmanager.com	vanessaor.itworkseu.com www.googletagmanager.com itworkseu.com
3	clientstream.launchdarkly.com
3	static.myitworks.com
3	www.google-analytics.com	vanessaor.itworkseu.com itworkseu.com
3	code.jquery.com	vanessaor.itworkseu.com itworkseu.com
322	15

This site contains links to these domains. Also see Links.

Domain
www.instagram.com
www.facebook.com
twitter.com
www.pinterest.com
dsa.org.uk
www.dsai.ie

Subject Issuer	Validity	Valid
itworkseu.com Cloudflare Inc ECC CA-3	`2024-02-29` - `2024-12-31`	10 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
upload.video.google.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.google-analytics.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
*.gstatic.com WR2	`2024-05-27` - `2024-08-19`	3 months	crt.sh
app.launchdarkly.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-04-04` - `2025-05-06`	a year	crt.sh
itworks.com Cloudflare Inc ECC CA-3	`2024-03-06` - `2024-12-31`	10 months	crt.sh
events.launchdarkly.com Amazon ECDSA 256 M03	`2024-05-22` - `2025-06-21`	a year	crt.sh
myitworks.com GTS CA 1P5	`2024-05-31` - `2024-08-29`	3 months	crt.sh
clientstream.launchdarkly.com Amazon RSA 2048 M02	`2023-08-09` - `2024-09-05`	a year	crt.sh
*.kc-usercontent.com R3	`2024-04-18` - `2024-07-17`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://itworkseu.com/
Frame ID: 61908F9D2E71B3BD76DF411FB39CF034
Requests: 288 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Startseite | IT WORKS!

Page URL History Show full URLs

https://vanessaor.itworkseu.com/ Page URL
https://vanessaor.itworkseu.com/ Page URL
https://itworkseu.com/ Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

322
Requests

96 %
HTTPS

53 %
IPv6

10
Domains

15
Subdomains

20
IPs

3
Countries

7611 kB
Transfer

23694 kB
Size

9
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.instagram.com/itworkshq

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheOfficialItWorks/

Search URL Search Domain Scan URL

URL: https://twitter.com/itworksglobal

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/itworksglobal/

Search URL Search Domain Scan URL

URL: https://dsa.org.uk/dsa-codes-3/
Title: DSA

Search URL Search Domain Scan URL

URL: https://www.dsai.ie/about-the-dsai/dsai-business-code-of-conduct/
Title: DSAI

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://vanessaor.itworkseu.com/ Page URL
https://vanessaor.itworkseu.com/ Page URL
https://itworkseu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

322 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
vanessaor.itworkseu.com/ 16 KB
4 KB 585ms
461ms Document
text/html 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

695b8049e98f72c985a699d677d4d24b4086fa3454f5828165712b2e5a4ce534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 894d5cd44fd69064-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 19:56:20 GMT
last-modified: Thu, 13 Jun 2024 18:56:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 128ms
38ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4423937
x-cache: HIT, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-cph2320046-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718567781.078954,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 62, 28406

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 213 KB
73 KB 171ms
72ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b091f3023446e7f64d26b68228d1d5aa794ac256f08cef1fdcb158b6ea1f0b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73937
x-xss-protection: 0

GET
H2 200 runtime.31df61a6178bcb23.js Show response
vanessaor.itworkseu.com/portal/ 3 KB
2 KB 459ms
458ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/runtime.31df61a6178bcb23.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9c6b0d6471bccb5f084f1268800f29520099224469d9cd4f8b8e9cb54f04fd45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"dda-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b979064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 polyfills.82a2842c2492498d.js Show response
vanessaor.itworkseu.com/portal/ 69 KB
24 KB 632ms
631ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"112bc-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b9b9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 scripts.2a1e351c7b378688.js Show response
vanessaor.itworkseu.com/portal/ 123 KB
45 KB 629ms
627ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/scripts.2a1e351c7b378688.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"1ea63-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd8fdb79064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 main.e2398128f97f38de.js Show response
vanessaor.itworkseu.com/portal/ 3 MB
737 KB 622ms
621ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/main.e2398128f97f38de.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

68aa7cb71344c2855bb324d7d3937d73989545bca89b634b6b10069abdac7a20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"2e7536-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b9d9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
83 KB 166ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1263d0804845ef80ebb852fade8fd01fea4f2dd23d613ad36754d1fcbcc60a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84204
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 19:56:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 132ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 18:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 20:29:08 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 133ms
54ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 styles.8465263cf49cc437.css
vanessaor.itworkseu.com/portal/ 1 MB
129 KB 815ms
815ms Stylesheet
text/css 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

425e80c067d53827c523399ca34da4b5d13041f3982f965c8f2e104ac9aa898c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:22 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"11943b-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd8fdba9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
46 KB 134ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 22:18:45 GMT
x-content-type-options: nosniff
age: 250656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 22:18:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
106 KB 72ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84765e63e56cafa0ae2a9ee2b777deb0c85e37b0b233196db9e445b730406d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 19:56:21 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 139ms
46ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587z879783485za200zb79783485&_p=1718567780990&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=492794762.1718567782&ecid=638573367&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1718567781&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1376
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ 0
0 188ms
43ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 16 Jun 2024 19:56:22 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567783.914624,VS0,VE1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 0
0 177ms
42ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 16 Jun 2024 19:56:22 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567783.914650,VS0,VE1

GET
H2 200 level Show response
vanessaor.itworkseu.com/api/log/ 20 B
131 B 148ms
147ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log/level
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:22 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 894d5ce229ef9064-FRA
content-length: 20

GET
H3 200 countries Show response
services.itworks.com/countries/v1/ 3 KB
918 B 405ms
246ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countries

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: 9bc40148-f6b0-402a-98d3-dfc932cb9055
date: Sun, 16 Jun 2024 19:56:23 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:23 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5ce33e2bc06a-WAW
expires: Sun, 16 Jun 2024 23:56:23 GMT

GET
H2 200 5bb3bd847387e1367e01ff04 Show response
app.launchdarkly.com/sdk/goals/ 2 B
176 B 41ms
40ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 varnish
date: Sun, 16 Jun 2024 19:56:22 GMT
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567783.958273,VS0,VE1
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
access-control-max-age: 300
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 1

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0 Show response
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 42 KB
6 KB 53ms
52ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5ad3f76d575aef3074edd35e6c3ab8b912d1cf6afec4814a4efeef44f5635a0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:22 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-cache: HIT
content-length: 5806
x-served-by: cache-fra-etou8220038-FRA, cache-fra-etou8220059-FRA
x-timer: S1718567783.958198,VS0,VE14
etag: "138dbb"
access-control-max-age: 3600
access-control-allow-methods: OPTIONS, GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
vary: Authorization, Accept-Encoding
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
x-cache-hits: 0

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/diagnostic/ 0
359 B 119ms
118ms XHR
application/json 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 48ms
47ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587za200zb79783485&_p=1718567780990&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=492794762.1718567782&ecid=638573367&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1718567781&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=11&tfd=2421
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ 0
0 377ms
126ms Preflight 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 16 Jun 2024 19:56:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains

GET
H/1.1 200
OK favicon.svg
static.myitworks.com/themes/rws-v3/images/ 841 B
1 KB 233ms
80ms Other
image/svg+xml 2606:4700::6812:1079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 19:56:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 703
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Wed, 01 Mar 2023 19:06:35 GMT
Server: cloudflare
etag: W/"28dcb8f1704cd91:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
access-control-allow-origin: *
Cache-Control: public, max-age=14400
CF-RAY: 894d5ce42ec86913-FRA
access-control-allow-headers: Content-Type,Authorization
Expires: Sun, 16 Jun 2024 23:56:23 GMT

POST
H2 200 log Show response
vanessaor.itworkseu.com/api/ 0
62 B 156ms
155ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:23 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5ce3ebd29064-FRA
content-length: 0

GET
H2 200 bag Show response
vanessaor.itworkseu.com/ajax/ 1 KB
1003 B 1301ms
1301ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/ajax/bag

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ea5439013b32e445a52c319fb1f72f4dd6da9d9604c008bf13d95f26e1027d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iwgtime: 6/16/2024 2:56:24 PM
pragma: no-cache
date: Sun, 16 Jun 2024 19:56:24 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; Charset=utf-8
cache-control: no-store,no-cache
cf-ray: 894d5ce3ebd69064-FRA
expires: Sat, 15 Jun 2024 19:56:24 GMT

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/ 42 KB
0 254ms
114ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H2 200 trace Show response
vanessaor.itworkseu.com/cdn-cgi/ 324 B
381 B 41ms
41ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/cdn-cgi/trace

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e18770638773bed841600b9b56ff4e1d27b6d859f85b83d0a24f8b6084ca73e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 894d5ce4bcca9064-FRA
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 setcountry
vanessaor.itworkseu.com/ajax/ 18 B
344 B 1162ms
1161ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/ajax/setcountry?action=insert&country=DE&language=de&page=&timestamp=1718567783184

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; Charset=utf-8
cache-control: no-cache; private; no-store; must-revalidate; max-stale=0; post-check=0; pre-check=0; max-age=0
cf-ray: 894d5ce50d199064-FRA
content-length: 18
expires: -1,Sat, 15 Jun 2024 19:56:24 GMT

GET undefined
services.itworks.com/countries/v1/countrysettings/ 0
0

GET
H2 200 / Show response
vanessaor.itworkseu.com/ 16 KB
346 B 169ms
169ms Document
text/html 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/main.e2398128f97f38de.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

695b8049e98f72c985a699d677d4d24b4086fa3454f5828165712b2e5a4ce534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://vanessaor.itworkseu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 894d5cec4ec89064-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 19:56:24 GMT
last-modified: Thu, 13 Jun 2024 18:56:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

POST collect
region1.google-analytics.com/g/ 0
0

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
0 128ms
38ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4423937
x-cache: HIT, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-cph2320046-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718567781.078954,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 62, 28406

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 213 KB
0 171ms
72ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b091f3023446e7f64d26b68228d1d5aa794ac256f08cef1fdcb158b6ea1f0b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73937
x-xss-protection: 0

GET
H2 200 runtime.31df61a6178bcb23.js Show response
vanessaor.itworkseu.com/portal/ 3 KB
0 459ms
458ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/runtime.31df61a6178bcb23.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9c6b0d6471bccb5f084f1268800f29520099224469d9cd4f8b8e9cb54f04fd45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"dda-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b979064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 polyfills.82a2842c2492498d.js Show response
vanessaor.itworkseu.com/portal/ 69 KB
0 632ms
631ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"112bc-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b9b9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 scripts.2a1e351c7b378688.js Show response
vanessaor.itworkseu.com/portal/ 123 KB
0 629ms
627ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/scripts.2a1e351c7b378688.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"1ea63-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd8fdb79064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 main.e2398128f97f38de.js Show response
vanessaor.itworkseu.com/portal/ 3 MB
0 622ms
621ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/main.e2398128f97f38de.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

68aa7cb71344c2855bb324d7d3937d73989545bca89b634b6b10069abdac7a20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"2e7536-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd73b9d9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
0 166ms
73ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1263d0804845ef80ebb852fade8fd01fea4f2dd23d613ad36754d1fcbcc60a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84204
x-xss-protection: 0
last-modified: Sun, 16 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jun 2024 19:56:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 132ms
39ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 16 Jun 2024 18:29:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 20:29:08 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 64ms
64ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 styles.8465263cf49cc437.css
vanessaor.itworkseu.com/portal/ 1 MB
0 815ms
815ms Stylesheet
text/css 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

425e80c067d53827c523399ca34da4b5d13041f3982f965c8f2e104ac9aa898c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:22 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"11943b-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cd8fdba9064-FRA
expires: Sun, 16 Jun 2024 23:56:21 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
0 134ms
40ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 22:18:45 GMT
x-content-type-options: nosniff
age: 250656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 22:18:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
0 72ms
72ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84765e63e56cafa0ae2a9ee2b777deb0c85e37b0b233196db9e445b730406d70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 19:56:21 GMT

GET
H2 200 level Show response
vanessaor.itworkseu.com/api/log/ 20 B
35 B 154ms
153ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log/level
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:24 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
etag: W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 894d5cef8b779064-FRA
content-length: 20

GET
H2 200 5bb3bd847387e1367e01ff04 Show response
app.launchdarkly.com/sdk/goals/ 2 B
70 B 40ms
40ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:24 GMT
via: 1.1 varnish
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567785.884367,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
access-control-max-age: 300
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 2

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0 Show response
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 42 KB
53 B 41ms
41ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 5ad3f76d575aef3074edd35e6c3ab8b912d1cf6afec4814a4efeef44f5635a0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:24 GMT
via: 1.1 varnish
content-encoding: gzip
age: 0
x-cache: HIT
content-length: 5806
x-served-by: cache-fra-etou8220059-FRA
server: Varnish
x-timer: S1718567785.884572,VS0,VE0
etag: "138dbb"
vary: Authorization, Accept-Encoding
access-control-max-age: 3600
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
retry-after: 0
x-cache-hits: 0

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 49ms
48ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587z879783485za200zb79783485&_p=1718567784690&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=89742424.1718567785&ecid=175592450&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1718567784&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=567
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 51ms
50ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587za200zb79783485&_p=1718567784690&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=89742424.1718567785&ecid=175592450&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1718567784&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=80&tfd=659
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:25 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.svg
static.myitworks.com/themes/rws-v3/images/ 841 B
0 0ms
0ms Other
image/svg+xml 2606:4700::6812:1079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 19:56:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
last-modified: Wed, 01 Mar 2023 19:06:35 GMT
Server: cloudflare
Age: 703
etag: W/"28dcb8f1704cd91:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
access-control-allow-origin: *
Cache-Control: public, max-age=14400
CF-RAY: 894d5ce42ec86913-FRA
access-control-allow-headers: Content-Type,Authorization
Expires: Sun, 16 Jun 2024 23:56:23 GMT

POST
H2 200 log Show response
vanessaor.itworkseu.com/api/ 0
83 B 167ms
166ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:25 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cf07cac9064-FRA
content-length: 0

GET
H2 200 bag Show response
vanessaor.itworkseu.com/ajax/ 1 KB
769 B 620ms
619ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/ajax/bag

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2bbb46985d2beda7522dd7ecf813b254a23b76501d43dc0504ea4b10ff5d382

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iwgtime: 6/16/2024 2:56:25 PM
pragma: no-cache
date: Sun, 16 Jun 2024 19:56:25 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; Charset=utf-8
cache-control: no-store,no-cache
cf-ray: 894d5cf07caf9064-FRA
expires: Sat, 15 Jun 2024 19:56:24 GMT

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/ 42 KB
0 66ms
66ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:25 GMT
strict-transport-security: max-age=31536000; includeSubDomains
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H3 200 DE Show response
services.itworks.com/countries/v1/countrysettings/ 613 B
835 B 247ms
247ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/countries/v1/countrysettings/DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06b2ddf9493f9858bb5e54b00f40987b46c7e2bd94c524b9ad3a428e863e8002

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: c3f721a7-5610-4357-b7bf-85a1aa5b3ff3
date: Sun, 16 Jun 2024 19:56:25 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:25 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5cf46997c06a-WAW
expires: Sun, 16 Jun 2024 23:56:25 GMT

GET
H3 200 DE Show response
services.itworks.com/countries/v1/countrysettings/ 613 B
0 247ms
247ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/countries/v1/countrysettings/DE
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b2ddf9493f9858bb5e54b00f40987b46c7e2bd94c524b9ad3a428e863e8002

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: c3f721a7-5610-4357-b7bf-85a1aa5b3ff3
date: Sun, 16 Jun 2024 19:56:25 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:25 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
content-type: application/json; charset=utf-8
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5cf46997c06a-WAW
expires: Sun, 16 Jun 2024 23:56:25 GMT

OPTIONS
H2 204 site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 193ms
84ms Preflight 2606:4700::6812:1183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=de-DE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cf699980410-FRA
date: Sun, 16 Jun 2024 19:56:26 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230070-FRA

GET
H2 200 site_redirects Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 18 KB
4 KB 77ms
75ms XHR
application/json 2606:4700::6812:1183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0587470bf94a3afee5bf803a6aa31c55807ce970fb6c63e34fe8b41219a42603

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 34
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 31
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 4271
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf72a8a0410-FRA
expires: Sun, 16 Jun 2024 20:01:26 GMT

GET
H3 404 vanessaor
services.itworks.com/customer/v1/profiles/ 0
456 B 872ms
871ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/customer/v1/profiles/vanessaor

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: c7850c79064e7b4b00746d9626ba96d6
messageid: 1a43f6e2-a80c-4b0a-8272-c5ff3e706365
date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 894d5cf7bf80c06a-WAW
expires: Sun, 16 Jun 2024 19:56:57 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 191ms
191ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cf7c9f9bf25-WAW
date: Sun, 16 Jun 2024 19:56:26 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 182ms
182ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cf7ca00bf25-WAW
date: Sun, 16 Jun 2024 19:56:26 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230105-FRA

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 98 KB
20 KB 165ms
164ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c65ef5bc96c24b485c1809f0b27e1e2e4e41a291821f62b4e5f302bc4c5688e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 69
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 19995
x-served-by: cache-fra-eddf8230041-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf8fbf0bf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 4 KB
2 KB 124ms
123ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32779f411f780e66b75abbd48f6e3709ccda4ec34ae1e0a3fb4971750582199a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 13
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1589
x-served-by: cache-fra-eddf8230113-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf8ebdabf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 102ms
102ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfb1f58bf25-WAW
date: Sun, 16 Jun 2024 19:56:26 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230105-FRA

POST
H2 200 log Show response
vanessaor.itworkseu.com/api/ 0
60 B 149ms
149ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:26 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaaafb9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
60 B 436ms
436ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaaafd9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 442ms
441ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaab019064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 447ms
447ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfabb059064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 442ms
442ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfabb089064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 481ms
480ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb419064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 465ms
464ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb449064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 471ms
471ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb489064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 469ms
469ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb499064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 501ms
501ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb4c9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 482ms
482ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb4e9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 476ms
476ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb519064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 479ms
478ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfaeb539064-FRA
content-length: 0

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 80 KB
20 KB 147ms
146ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=de-DE&limit=1

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8011a6f2ab276eb4c7b1670e043c34fde360c96b1f43edf307cd78b66696d2ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 69
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 20218
x-served-by: cache-vie6321-VIE
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfbb8abbf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

GET
H3 404 details
services.itworks.com/customer/v1/profiles/vanessaor/ 0
456 B 645ms
645ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/customer/v1/profiles/vanessaor/details

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: c1cf4dcea9c48c430e959b51ab1c7a53
messageid: 71bfec96-fff6-482b-a23f-d48fada6b482
date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 894d5cfb1cc5c06a-WAW
expires: Sun, 16 Jun 2024 19:56:57 GMT

GET
H2 200 IW-DT-Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bd21d716-d165-42e5-aaf2-20eb24f0d1d5/ 5 KB
5 KB 138ms
41ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/bd21d716-d165-42e5-aaf2-20eb24f0d1d5/IW-DT-Logo.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: eb0a40d6189d005af2798fedd75181a76cf220bcfef2bb917754cd86edaa61e1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000121-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Fri, 02 Sep 2022 15:11:24 GMT
x-timer: S1718567787.857522,VS0,VE1
etag: 0x8DA8CF5670027F4
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4863
x-cache-hits: 11495, 0

GET
H2 200 icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/ 3 KB
3 KB 137ms
41ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100059-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:14:17 GMT
x-timer: S1718567787.857557,VS0,VE1
etag: 0x8DB98FC1030F36A
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2930
x-cache-hits: 16044, 0

GET
H2 200 icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/ 462 B
615 B 135ms
40ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000051-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:14:49 GMT
x-timer: S1718567787.857482,VS0,VE1
etag: 0x8DB98FC2354D19C
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 462
x-cache-hits: 7321, 0

GET
H2 200 twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/ 785 B
939 B 140ms
45ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200034-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 03 Apr 2024 14:28:37 GMT
x-timer: S1718567787.857498,VS0,VE1
etag: 0x8DC53EA59EEDAB8
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 785
x-cache-hits: 17058, 0

GET
H2 200 icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/ 1 KB
1 KB 136ms
40ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200024-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:15:55 GMT
x-timer: S1718567787.857513,VS0,VE1
etag: 0x8DB98FC4AD3F6A5
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1193
x-cache-hits: 13467, 0

GET
H2 200 DSA-Logo-Footer.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3417ea8-34fe-4811-acdb-8aa528d3dd0f/ 4 KB
4 KB 135ms
40ms Image
image/png 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3417ea8-34fe-4811-acdb-8aa528d3dd0f/DSA-Logo-Footer.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ceb2fcee0d66807522ec4b1a5a0501291a6d2fbb3b128a6d00a09e5a2b07b686

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100095-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010248
x-timer: S1718567787.857545,VS0,VE1
etag: "RFPw5j+FI7SsudTPcOBEiq4/00o/Td6PMmG8wYBwX58"
x-cache: HIT, HIT
content-type: image/png
fastly-io-info: ifsz=5390 idim=100x59 ifmt=png ofsz=3998 odim=100x59 ofmt=png
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3998
x-cache-hits: 553, 0

GET
H2 200 DSAI-Logo-Footer.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0aab28c-2dcb-46b2-b203-f510378ea492/ 6 KB
6 KB 100ms
39ms Image
image/png 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0aab28c-2dcb-46b2-b203-f510378ea492/DSAI-Logo-Footer.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6437d38ffa572dd9cb43604f3c32def0b2a38889b03c649e1b7a2a6200aa031

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000037-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010227
x-timer: S1718567787.857202,VS0,VE1
etag: "EKcx4jckM6dbYwho8GWx1x7NK+c00v0Tn2+d1orVfbE"
x-cache: HIT, HIT
content-type: image/png
fastly-io-info: ifsz=7400 idim=100x59 ifmt=png ofsz=6028 odim=100x59 ofmt=png
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6028
x-cache-hits: 378, 0

GET
H2 200 30-Day%20Drop%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f1c457db-8ec9-4b45-a058-baa6d6c4179a/ 5 KB
6 KB 45ms
42ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f1c457db-8ec9-4b45-a058-baa6d6c4179a/30-Day%20Drop%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c5e7bf09ffe0aa6d5fbebdeddc9cb330951e00a246ee2f7edb747b54793a8c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000118-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567787.900824,VS0,VE0
etag: "l7srhusXHGQhutE2XCK+ve0WKxFafuTe9/gLR+sHn2k"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=48333 idim=225x280 ifmt=png ofsz=5592 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5592
x-cache-hits: 591, 617

GET
H2 200 Slimming%20Reset%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0671ab95-ed39-4657-b84f-15b373ad2f63/ 5 KB
5 KB 53ms
52ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0671ab95-ed39-4657-b84f-15b373ad2f63/Slimming%20Reset%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d143fe191026f5124ebaa7d881b32df80c7618f798bbf78c7d7fd77815c69b28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100029-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010210
x-timer: S1718567787.901522,VS0,VE1
etag: "lWTd39rGEflGeZXMQNvvwN7STuzcafvjg3tUD5o2i98"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=36432 idim=225x280 ifmt=png ofsz=4878 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4878
x-cache-hits: 252, 1

GET
H2 200 30-Day%20Gut%20Reset%20Essentials.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e8ba8a32-1206-43f7-bd11-d8773026e274/ 6 KB
6 KB 49ms
48ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e8ba8a32-1206-43f7-bd11-d8773026e274/30-Day%20Gut%20Reset%20Essentials.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2379c51d9a919a8b4033e04406c6b9aa810951eb66e11d71f3d7d99e68f85e90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100063-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010249
x-timer: S1718567787.901330,VS0,VE1
etag: "gmtCO9yYUWbl4gJO2WjOCFGCbfmHG7qo/09CDeulMdA"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=44892 idim=225x280 ifmt=png ofsz=5650 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5650
x-cache-hits: 343, 0

GET
H2 200 30-Day%20Gut%20Reset%20Deluxe.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4859210b-49f3-4797-a8a9-367c54254f5f/ 5 KB
6 KB 53ms
51ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4859210b-49f3-4797-a8a9-367c54254f5f/30-Day%20Gut%20Reset%20Deluxe.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8378c9df9e9ca62784c40955d2dfb36053e1d902095a8165143ebaa42e8ab135

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200031-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010212
x-timer: S1718567787.901239,VS0,VE1
etag: "8UGl0+L+JaX/UDT+hfE/inUmDnas6tmRUrDv0lrCGOY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=48723 idim=225x280 ifmt=png ofsz=5542 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5542
x-cache-hits: 393, 1

GET
H2 200 30-Day%20Gut%20Reset%20Signature.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c5b4fdad-9763-4ba1-9015-268b2d294a17/ 5 KB
5 KB 47ms
46ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c5b4fdad-9763-4ba1-9015-268b2d294a17/30-Day%20Gut%20Reset%20Signature.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33e1203c3ea9e900bc906fde3d0fc093d587a11fea5848a505b5ec8688112648

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100055-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010214
x-timer: S1718567787.901214,VS0,VE1
etag: "SqHOIA412KiqZuk5T8htp0uazdDVYACAi6s8dpZXe9c"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=41164 idim=225x280 ifmt=png ofsz=4804 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4804
x-cache-hits: 128, 0

GET
H2 200 Active%20Lifestyle%20Essentials.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/149bff77-54dd-456c-9305-e40a6c60eeb2/ 5 KB
5 KB 51ms
50ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/149bff77-54dd-456c-9305-e40a6c60eeb2/Active%20Lifestyle%20Essentials.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 408eda64b810bd8e0657804c98247b0791002077b07bac1e51db6b2e87098abf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100063-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.901174,VS0,VE1
etag: "5o0O8k6QVKsAHth0RHT80rjUwMdG+hk6YznxwlTfUOA"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=38110 idim=225x280 ifmt=png ofsz=5098 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5098
x-cache-hits: 776, 1

GET
H2 200 Sport%20Pack.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d516c1a5-868a-433a-b5d0-0d3a76077680/ 6 KB
6 KB 46ms
45ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d516c1a5-868a-433a-b5d0-0d3a76077680/Sport%20Pack.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb67f8ee1ba164ed353f6682efc0f15d1c83145619fcfa9e58670710e49e0bde

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000075-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567787.901959,VS0,VE0
etag: "kdt8MkmWqdD3T7YxibpnDUI8EOWrsBVWtFekED6+CCk"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=42370 idim=225x280 ifmt=png ofsz=5802 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5802
x-cache-hits: 579, 268

GET
H2 200 Body%20Sculpt%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8a378ddb-5a1a-4755-9c55-bc2779953918/ 5 KB
5 KB 134ms
132ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8a378ddb-5a1a-4755-9c55-bc2779953918/Body%20Sculpt%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: abe3459beffdf09ae5d7d0992d93704b43a30ecdd519a6d21494fdebc95ce394

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200051-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.901940,VS0,VE1
etag: "ZmgOwuvRcWjToBwuoWthu9T3Dez61+lT0v0S5n+ahEU"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=52821 idim=225x280 ifmt=png ofsz=5200 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5200
x-cache-hits: 755, 0

GET
H2 200 HelloGlow%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75f2475c-4a26-4bd5-98ed-8f238e1649dd/ 5 KB
5 KB 134ms
133ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75f2475c-4a26-4bd5-98ed-8f238e1649dd/HelloGlow%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d55569771d59c3b9fc13bec04015dd42e8a64d757ed1bf3e1d5c13720804d0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000172-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010247
x-timer: S1718567787.901930,VS0,VE1
etag: "wmWAUKLBCrl3vKRDPLCVM340xudeCaOJl7roBkIs8Ps"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=45267 idim=225x280 ifmt=png ofsz=5372 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5372
x-cache-hits: 255, 0

GET
H2 200 Listing-Image-SuperGreens_EU.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ea091be7-44b6-4355-b7f3-4e014b9f0d44/ 64 KB
65 KB 95ms
94ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ea091be7-44b6-4355-b7f3-4e014b9f0d44/Listing-Image-SuperGreens_EU.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44dfdea1720d441470cbfe3836dffedf97808045cb29c695f40e4b7f48ffd353

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100056-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010216
x-timer: S1718567787.901908,VS0,VE1
etag: "ZOTv2XsV++KGkxxY/tK/DImK/Zy8i5iO0EmlQAqxemU"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=478825 idim=1080x1080 ifmt=png ofsz=65852 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65852
x-cache-hits: 834, 0

GET
H2 200 EU33304VALUE-supergreens-chocolate-jar-1081x1080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/537a6684-4e8c-4776-837c-4ec541749979/ 73 KB
73 KB 94ms
93ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/537a6684-4e8c-4776-837c-4ec541749979/EU33304VALUE-supergreens-chocolate-jar-1081x1080.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 491ad16cde975de0388e6b684025b30332dfe28c0bae2f9285ec93da0ef3d49f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100082-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.901903,VS0,VE1
etag: "jSpQz4wVTZcV/9RPIW4s/JoByVp4UgCILQLrTbjPzps"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=911456 idim=1080x1080 ifmt=png ofsz=74772 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 74772
x-cache-hits: 690, 0

GET
H2 200 EU%20Super%20Reds%20listing%20image_1080x1080_EU.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/09dcc3f1-8d90-4446-be0f-517a18c8ad6d/ 58 KB
58 KB 55ms
54ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/09dcc3f1-8d90-4446-be0f-517a18c8ad6d/EU%20Super%20Reds%20listing%20image_1080x1080_EU.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f903fe115a4659bfb93d1d6eeade16ddd585ed40c7925752f1f12e78867689a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000122-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.901885,VS0,VE1
etag: "nErrWneL6VEQSjFeJXHHCS4BmfL506Gbdnw+I9nmUqc"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=462966 idim=1080x1080 ifmt=png ofsz=59464 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59464
x-cache-hits: 212, 0

GET
H2 200 ico-caret-down.svg
vanessaor.itworkseu.com/portal/ 193 B
345 B 449ms
449ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/ico-caret-down.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"c1-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb4be99064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 de.svg
vanessaor.itworkseu.com/portal/ 213 B
239 B 457ms
457ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/de.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"d5-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb4bee9064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 ico-search.svg
vanessaor.itworkseu.com/portal/ 625 B
424 B 483ms
481ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/ico-search.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"271-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb5bf79064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 ico-user.svg
vanessaor.itworkseu.com/portal/ 837 B
532 B 469ms
467ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/ico-user.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"345-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb5bfc9064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 ico-bag.svg
vanessaor.itworkseu.com/portal/ 553 B
416 B 474ms
473ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/ico-bag.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"229-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb5c019064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 ico-close-small-white.svg
vanessaor.itworkseu.com/portal/ 383 B
328 B 461ms
461ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/ico-close-small-white.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"17f-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb5c069064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 loader.svg
vanessaor.itworkseu.com/portal/ 829 B
491 B 465ms
465ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/loader.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"33d-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfb5c0f9064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 42ms
39ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 17:44:40 GMT
x-content-type-options: nosniff
age: 267106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 17:44:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 45ms
43ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:04:46 GMT
x-content-type-options: nosniff
age: 265900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7992
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 18:04:46 GMT

GET
H2 200 Inter-roman.var.woff2
vanessaor.itworkseu.com/portal/ 222 KB
222 KB 566ms
566ms Font
font/woff2 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://vanessaor.itworkseu.com/portal/Inter-roman.var.woff2?v=3.19

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
content-length: 227180
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"3776c-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://vanessaor.itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894d5cfb8c7e9064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 173ms
172ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd0aeebf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 button__30_day_gut_reset_learn_more__essentials__5142c82
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 213ms
212ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/button__30_day_gut_reset_learn_more__essentials__5142c82?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd2b4bbf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230085-FRA

OPTIONS
H3 204 untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 144ms
144ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd2b4fbf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230105-FRA

OPTIONS
H3 204 global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 187ms
186ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd2b53bf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230030-FRA

OPTIONS
H3 204 untitled_content_item_9297726
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 164ms
163ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_9297726?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd3b6cbf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-ams2100086-AMS

OPTIONS
H3 204 untitled_content_item_424b703
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 135ms
135ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd3b71bf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 148ms
148ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5cfd3b72bf25-WAW
date: Sun, 16 Jun 2024 19:56:27 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6355-VIE

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
38 B 151ms
151ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfcbe459064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
50 B 460ms
460ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfcbe4b9064-FRA
content-length: 0

GET
H3 404 details
services.itworks.com/customer/v1/profiles/vanessaor/ 0
0 374ms
374ms XHR
text/plain 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/customer/v1/profiles/vanessaor/details
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: c1cf4dcea9c48c430e959b51ab1c7a53
messageid: 71bfec96-fff6-482b-a23f-d48fada6b482
date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
access-control-expose-headers: CorrelationId
cache-control: public, max-age=30
cf-ray: 894d5cfb1cc5c06a-WAW
expires: Sun, 16 Jun 2024 19:56:57 GMT

GET
H3 200 products
services.itworks.com/product/v1/categories/best-sellers/ 19 KB
2 KB 549ms
549ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://services.itworks.com/product/v1/categories/best-sellers/products?country=DE&language=de&customerType=LC&orderType=Shopping

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: 13532319fb5823a575eacb4f8bfdec99
messageid: 924a8bb8-6569-4fa0-98a2-b111fd5b1115
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
strict-transport-security: max-age=2592000
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
cache-control: public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-expose-headers: CorrelationId
cf-ray: 894d5cfccf8cc06a-WAW

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 517ms
516ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfcee819064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
59 B 451ms
451ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfcfe979064-FRA
content-length: 0

GET
H3 200 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 44 KB
11 KB 158ms
158ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 30
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10929
x-served-by: cache-fra-eddf8230039-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d36bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 439ms
438ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd0ebc9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 460ms
459ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd1ec09064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 154ms
153ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd1ec29064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 154ms
154ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd1eca9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 186ms
186ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd1ecd9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 156ms
155ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd1ed09064-FRA
content-length: 0

GET
H3 200 button__30_day_gut_reset_learn_more__essentials__5142c82
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
2 KB 170ms
170ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/button__30_day_gut_reset_learn_more__essentials__5142c82?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1912
x-served-by: cache-ams21023-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe7e01bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 6 KB
2 KB 173ms
173ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1964
x-served-by: cache-ams21053-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d3abf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 1 KB
1 KB 174ms
174ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 634
x-served-by: cache-fra-eddf8230065-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe5dcdbf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 173ms
172ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd3eef9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 169ms
169ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd3ef29064-FRA
content-length: 0

GET
H3 200 untitled_content_item_9297726
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
1 KB 231ms
231ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_9297726?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 914
x-served-by: cache-fra-eddf8230133-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe4d8ebf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_424b703
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
1 KB 175ms
175ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 915
x-served-by: cache-ams21082-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d41bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
1 KB 184ms
184ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=de-DE

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 990
x-served-by: cache-fra-eddf8230112-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe3d63bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 30%20Day%20Drop%20EU%20Featured%20Category.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/6894b8fb-5a5e-44da-9581-8906b7647662/ 60 KB
60 KB 44ms
44ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/6894b8fb-5a5e-44da-9581-8906b7647662/30%20Day%20Drop%20EU%20Featured%20Category.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100020-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010227
x-timer: S1718567787.082201,VS0,VE3
etag: "rzhbWT3/aUbXsEYIwjdDAQNwNouPdxuKGDAxHYw1MNE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=319059 idim=2000x1125 ifmt=jpeg ofsz=61452 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61452
x-cache-hits: 9, 0

GET
H3 200 Gut%20Health%20Featured%20Category.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75fd3dd8-2fff-4bb2-ab87-fe67e35ada91/ 23 KB
23 KB 45ms
43ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75fd3dd8-2fff-4bb2-ab87-fe67e35ada91/Gut%20Health%20Featured%20Category.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010250
x-timer: S1718567787.083617,VS0,VE2
etag: "Cm3HHbdXpy2fLr8uk2Mv98fxqGUVeV/eM9n6O8q9jDY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=892044 idim=2000x1125 ifmt=png ofsz=23654 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23654
x-cache-hits: 2, 0

GET
H3 200 EU%20Active%20Lifestyle%2016%201.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e75e9938-4e1d-4f21-9711-02cbdfbd6788/ 24 KB
25 KB 87ms
84ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e75e9938-4e1d-4f21-9711-02cbdfbd6788/EU%20Active%20Lifestyle%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010211
x-timer: S1718567787.085023,VS0,VE1
etag: "cecitWGEakAtJnLEqkme2fDC+trYcW2Ng3kJcCxNwsk"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1289224 idim=2000x1125 ifmt=jpeg ofsz=24854 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24854
x-cache-hits: 291, 0

GET
H3 200 EU%20Beauty%2016.9%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1cd0f5b3-638d-4f61-91b8-ba0f0ee5cc51/ 21 KB
21 KB 87ms
84ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1cd0f5b3-638d-4f61-91b8-ba0f0ee5cc51/EU%20Beauty%2016.9%201.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100086-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1718567787.085552,VS0,VE4
etag: "0GeRhQVkl+Z201KgA3ZbkDNTMk55lMEsvrvYpNIeqOI"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=7415503 idim=5754x3236 ifmt=png ofsz=21336 odim=1080x607 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21336
x-cache-hits: 54, 0

GET
H3 200 Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/ 87 KB
87 KB 87ms
84ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000075-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010246
x-timer: S1718567787.085510,VS0,VE1
etag: "lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 89072
x-cache-hits: 27, 0

GET
H3 200 Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/ 76 KB
76 KB 87ms
84ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100113-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010211
x-timer: S1718567787.085486,VS0,VE2
etag: "oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77820
x-cache-hits: 7, 0

GET
H3 200 Aloe_System_launch_Revised_Updated.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/450671bf-92a4-4561-9f87-5a3dda88966e/ 158 KB
0 87ms
85ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/450671bf-92a4-4561-9f87-5a3dda88966e/Aloe_System_launch_Revised_Updated.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200042-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010217
x-timer: S1718567787.086491,VS0,VE2
etag: "pACjBkdzzsveWzjHp4s89sExXDEtNno/8YNeSVSCuaM"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1079437 idim=4096x1862 ifmt=jpeg ofsz=208886 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 208886
x-cache-hits: 8, 0

GET
H3 200 30-Day%20Drop%20System%20EU%20Desktop.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2ed0e373-444d-47e2-9551-b460e1485df3/ 159 KB
0 88ms
85ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2ed0e373-444d-47e2-9551-b460e1485df3/30-Day%20Drop%20System%20EU%20Desktop.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200072-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567787.086238,VS0,VE1
etag: "dzqqNUgkYyHxUjYvhE/YywG2B6I0BBySSCTOYUsjDgw"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=6492020 idim=4096x1862 ifmt=png ofsz=544152 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 544152
x-cache-hits: 3, 0

GET
H3 200 tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/ 1 KB
1 KB 90ms
88ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Tue, 07 Nov 2023 21:51:52 GMT
x-timer: S1718567787.086222,VS0,VE1
etag: 0x8DBDFDBC0C24953
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1160
x-cache-hits: 1528, 0

GET
H3 200 lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/ 1 KB
2 KB 88ms
86ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:01:52 GMT
x-timer: S1718567787.086193,VS0,VE1
etag: 0x8DC28D007CEFB54
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1362
x-cache-hits: 4, 0

GET
H3 200 handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/ 4 KB
5 KB 88ms
86ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:05:37 GMT
x-timer: S1718567787.086186,VS0,VE1
etag: 0x8DC28D08D987F23
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4560
x-cache-hits: 24, 0

GET
H3 200 diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/ 4 KB
4 KB 88ms
86ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:04:29 GMT
x-timer: S1718567787.087435,VS0,VE1
etag: 0x8DC28D064DCF562
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4248
x-cache-hits: 10206, 0

GET
H3 200 06.13.24%20Father%27s%20Day%20Coffee%20BOGO%20Promotion%20%5BGlobal%5D%20What%27s%20New%20EU.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cd27c4bc-3e32-4ef5-97b9-1e710b8ad0a4/ 112 KB
112 KB 88ms
87ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cd27c4bc-3e32-4ef5-97b9-1e710b8ad0a4/06.13.24%20Father%27s%20Day%20Coffee%20BOGO%20Promotion%20%5BGlobal%5D%20What%27s%20New%20EU.jpg?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200089-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.087876,VS0,VE1
etag: "Z8WTZtNl6tI44enLjllJdwUG6b2LLrc9/TpsNwyiEcM"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=818793 idim=1350x1080 ifmt=jpeg ofsz=114734 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 114734
x-cache-hits: 3, 0

GET
H3 200 Super%20Greens%20Berry-whats-new-spotlight-eu.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c2243aef-9644-4945-a72f-5c3c74e0971c/ 24 KB
24 KB 88ms
87ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c2243aef-9644-4945-a72f-5c3c74e0971c/Super%20Greens%20Berry-whats-new-spotlight-eu.jpg?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100137-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.087920,VS0,VE1
etag: "R122Cu7rJbxVlqfnn5ZN3Dg8nOf+5vB9r5YM74UafAQ"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=357609 idim=1350x1080 ifmt=jpeg ofsz=24094 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24094
x-cache-hits: 5, 0

GET
H3 200 CONF24-Aloe-Spotlight_EU.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/84566695-1cc0-48c0-bcba-3caf94921d28/ 98 KB
98 KB 89ms
87ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/84566695-1cc0-48c0-bcba-3caf94921d28/CONF24-Aloe-Spotlight_EU.png?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200103-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: img02-us-east4
x-timer: S1718567787.087930,VS0,VE1
etag: "eRn5yUFmNEOkfM4bVjJwMnisZ2pMh1s61jj6HAOzsRE"
x-cache: MISS, HIT
content-type: image/webp
fastly-io-info: ifsz=1525714 idim=1350x1080 ifmt=png ofsz=100150 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 100150
x-cache-hits: 0, 0

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 46ms
45ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/
Origin: https://vanessaor.itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 09:12:34 GMT
x-content-type-options: nosniff
age: 297833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7844
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 09:12:34 GMT

GET fa-solid-900.woff2
vanessaor.itworkseu.com/portal/ 0
0

GET
H2 200 loader-dark.svg
vanessaor.itworkseu.com/portal/ 839 B
498 B 448ms
448ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vanessaor.itworkseu.com/portal/loader-dark.svg

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://vanessaor.itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"347-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5cfd6f309064-FRA
expires: Sun, 16 Jun 2024 23:56:27 GMT

GET MaterialSymbolsOutlined.woff2
vanessaor.itworkseu.com/assets/material-design-icons/ 0
0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
63 B 170ms
169ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cfd8f4f9064-FRA
content-length: 0

GET
H2 200 Primary Request / Show response
itworkseu.com/ 16 KB
4 KB 460ms
444ms Document
text/html 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/

Requested by

Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/main.e2398128f97f38de.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

695b8049e98f72c985a699d677d4d24b4086fa3454f5828165712b2e5a4ce534

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://vanessaor.itworkseu.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-credentials: true
cache-control: public, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 894d5cfdaf709064-FRA
content-encoding: gzip
content-security-policy: frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
content-type: text/html; charset=utf-8
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 13 Jun 2024 18:56:45 GMT
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
strict-transport-security: max-age=2592000
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: Express
x-xss-protection: 1; mode=block

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ 0
0 146ms
146ms Preflight 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://vanessaor.itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 16 Jun 2024 19:56:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ 0
0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
36 B 153ms
153ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cff199e9064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
61 B 174ms
174ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cff29a39064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
37 B 150ms
150ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cff39c69064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
37 B 157ms
157ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cff39d29064-FRA
content-length: 0

POST
H2 200 log
vanessaor.itworkseu.com/api/ 0
37 B 168ms
168ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vanessaor.itworkseu.com/api/log
Requested by: Host: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://vanessaor.itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://vanessaor.itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5cff5a099064-FRA
content-length: 0

POST log
vanessaor.itworkseu.com/api/ 0
0

OPTIONS items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0

GET items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0

POST collect
region1.google-analytics.com/g/ 0
0

GET fa-solid-900.woff
vanessaor.itworkseu.com/portal/ 0
0

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
0 0ms
0ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 4423937
x-cache: HIT, HIT
content-length: 29811
x-served-by: cache-lga21935-LGA, cache-cph2320046-CPH
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1718567781.078954,VS0,VE0
etag: W/"28feccc0-14e4a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 62, 28406

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 213 KB
72 KB 75ms
72ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

b091f3023446e7f64d26b68228d1d5aa794ac256f08cef1fdcb158b6ea1f0b95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73937
x-xss-protection: 0

GET
H2 200 runtime.31df61a6178bcb23.js Show response
itworkseu.com/portal/ 3 KB
2 KB 457ms
454ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/runtime.31df61a6178bcb23.js

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

9c6b0d6471bccb5f084f1268800f29520099224469d9cd4f8b8e9cb54f04fd45

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"dda-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d007b7e9064-FRA
expires: Sun, 16 Jun 2024 23:56:28 GMT

GET
H2 200 polyfills.82a2842c2492498d.js Show response
itworkseu.com/portal/ 69 KB
24 KB 795ms
794ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"112bc-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d007b7f9064-FRA
expires: Sun, 16 Jun 2024 23:56:28 GMT

GET
H2 200 scripts.2a1e351c7b378688.js Show response
itworkseu.com/portal/ 123 KB
45 KB 681ms
679ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/scripts.2a1e351c7b378688.js

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"1ea63-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d013c509064-FRA
expires: Sun, 16 Jun 2024 23:56:28 GMT

GET
H2 200 main.e2398128f97f38de.js Show response
itworkseu.com/portal/ 3 MB
737 KB 794ms
793ms Script
application/javascript 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/main.e2398128f97f38de.js

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

68aa7cb71344c2855bb324d7d3937d73989545bca89b634b6b10069abdac7a20

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"2e7536-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d007b809064-FRA
expires: Sun, 16 Jun 2024 23:56:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 259 KB
0 1ms
1ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b1263d0804845ef80ebb852fade8fd01fea4f2dd23d613ad36754d1fcbcc60a7

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
last-modified: Sun, 16 Jun 2024 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 84204
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 19:56:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
0 1ms
1ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 18:29:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5233
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 16 Jun 2024 20:29:08 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 65ms
65ms XHR
application/json 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://itworkseu.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 styles.8465263cf49cc437.css
itworkseu.com/portal/ 1 MB
129 KB 813ms
812ms Stylesheet
text/css 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/styles.8465263cf49cc437.css

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

425e80c067d53827c523399ca34da4b5d13041f3982f965c8f2e104ac9aa898c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:28 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"11943b-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css; charset=UTF-8
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d013c539064-FRA
expires: Sun, 16 Jun 2024 23:56:28 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v13/ 45 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 22:18:45 GMT
x-content-type-options: nosniff
age: 250656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46552
x-xss-protection: 0
last-modified: Thu, 14 Sep 2023 00:46:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 22:18:45 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 320 KB
0 0ms
0ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7PTLMD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

84765e63e56cafa0ae2a9ee2b777deb0c85e37b0b233196db9e445b730406d70

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:21 GMT
content-encoding: br
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 108121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 16 Jun 2024 19:56:21 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 49ms
48ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587z879783485za200zb79783485&_p=1718567787584&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=526290316.1718567788&ecid=1851072965&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&ec_mode=a&_s=1&sid=1718567787&sct=1&seg=0&dl=https%3A%2F%2Fitworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=687
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 5bb3bd847387e1367e01ff04
app.launchdarkly.com/sdk/goals/ 0
0 41ms
40ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 16 Jun 2024 19:56:29 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567789.372474,VS0,VE1

OPTIONS
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 0
0 39ms
39ms Preflight 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-launchdarkly-user-agent
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
access-control-allow-methods: GET, OPTIONS, HEAD
access-control-allow-origin: *
access-control-max-age: 3600
age: 0
allow: GET, OPTIONS, HEAD
content-encoding: gzip
content-length: 23
date: Sun, 16 Jun 2024 19:56:29 GMT
ld-region: us-east-1
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567789.373484,VS0,VE0

GET
H2 200 level Show response
itworkseu.com/api/log/ 20 B
155 B 149ms
149ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log/level
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: W/"14-ycAJUHiRugLG6WF80DxzXo20+wI"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
cf-ray: 894d5d0b7a2b9064-FRA
content-length: 20

GET
H3 200 countries Show response
services.itworks.com/countries/v1/ 3 KB
0 0ms
0ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/countries/v1/countries
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: 9bc40148-f6b0-402a-98d3-dfc932cb9055
date: Sun, 16 Jun 2024 19:56:23 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:23 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
content-type: application/json; charset=utf-8
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5ce33e2bc06a-WAW
expires: Sun, 16 Jun 2024 23:56:23 GMT

GET
H2 200 5bb3bd847387e1367e01ff04 Show response
app.launchdarkly.com/sdk/goals/ 2 B
72 B 40ms
40ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/goals/5bb3bd847387e1367e01ff04
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
via: 1.1 varnish
content-encoding: gzip
content-md5: d751713988987e9331980363e24189ce
age: 0
x-cache: HIT
content-length: 26
x-served-by: cache-fra-etou8220059-FRA
x-timer: S1718567789.414456,VS0,VE0
etag: "d751713988987e9331980363e24189ce"
ld-region: us-east-1
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0
access-control-max-age: 300
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Authorization,X-Requested-With,X-LD-Private,X-LD-AccountId,X-LD-EnvId,X-LD-PrjId,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper,LD-API-Version,X-LaunchDarkly-Tags
x-cache-hits: 3

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0 Show response
app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/ 42 KB
56 B 40ms
39ms XHR
application/json 151.101.130.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://app.launchdarkly.com/sdk/evalx/5bb3bd847387e1367e01ff04/contexts/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.217 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 5ad3f76d575aef3074edd35e6c3ab8b912d1cf6afec4814a4efeef44f5635a0b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
via: 1.1 varnish
content-encoding: gzip
age: 0
x-cache: HIT
content-length: 5806
x-served-by: cache-fra-etou8220059-FRA
server: Varnish
x-timer: S1718567789.414266,VS0,VE0
etag: "138dbb"
vary: Authorization, Accept-Encoding
access-control-max-age: 3600
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: OPTIONS, GET
cache-control: max-age=0
accept-ranges: bytes
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-Requested-With, X-LD-Private, X-LD-AccountId, X-LD-EnvId, X-LD-PrjId, X-LaunchDarkly-Event-Schema, X-LaunchDarkly-User-Agent, X-LaunchDarkly-Wrapper, Ld-Api-Version
retry-after: 0
x-cache-hits: 0

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/diagnostic/ 0
359 B 159ms
159ms XHR
application/json 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/diagnostic/ 0
0 116ms
116ms Preflight 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/diagnostic/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 16 Jun 2024 19:56:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 48ms
48ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587za200zb79783485&_p=1718567787584&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=526290316.1718567788&ecid=1851072965&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=AEA&_s=2&sid=1718567787&sct=1&seg=0&dl=https%3A%2F%2Fitworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=scroll&epn.percent_scrolled=90&_et=4&tfd=2293
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B9ZCN4XJNP&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Sun, 16 Jun 2024 19:56:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itworkseu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK favicon.svg
static.myitworks.com/themes/rws-v3/images/ 841 B
0 0ms
0ms Other
image/svg+xml 2606:4700::6812:1079
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.myitworks.com/themes/rws-v3/images/favicon.svg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1079 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 16 Jun 2024 19:56:23 GMT
Content-Encoding: gzip
CF-Cache-Status: HIT
last-modified: Wed, 01 Mar 2023 19:06:35 GMT
Server: cloudflare
Age: 703
etag: W/"28dcb8f1704cd91:0"
Vary: Accept-Encoding
Content-Type: image/svg+xml
access-control-allow-origin: *
Cache-Control: public, max-age=14400
CF-RAY: 894d5ce42ec86913-FRA
access-control-allow-headers: Content-Type,Authorization
Expires: Sun, 16 Jun 2024 23:56:23 GMT

POST
H2 200 log Show response
itworkseu.com/api/ 0
63 B 160ms
160ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d0c2b129064-FRA
content-length: 0

GET
H2 200 bag Show response
itworkseu.com/ajax/ 1 KB
904 B 791ms
791ms XHR
application/json 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/ajax/bag

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34dfad7e9b3dcc2e555e0de68fec13cadd267c3c906396e12a5c054b41a400eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-iwgtime: 6/16/2024 2:56:30 PM
pragma: no-cache
date: Sun, 16 Jun 2024 19:56:30 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/json; Charset=utf-8
cache-control: no-store,no-cache
cf-ray: 894d5d0c2b159064-FRA
expires: Sat, 15 Jun 2024 19:56:30 GMT

GET
H2 200 eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0
clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/ 42 KB
0 65ms
65ms EventSource
text/event-stream 76.223.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://clientstream.launchdarkly.com/eval/5bb3bd847387e1367e01ff04/eyJraW5kIjoidXNlciIsImtleSI6IlVTLWVuLVJDLTEwIn0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

76.223.31.44 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a1370dc23e25e46ce.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: text/event-stream
Cache-Control: no-cache
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
ld-region: eu-west-1
access-control-max-age: 300
access-control-allow-methods: GET,OPTIONS
content-type: text/event-stream; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
accept-ranges: bytes
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,Cache-Control,X-Requested-With,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Wrapper

GET
H3 200 DE Show response
services.itworks.com/countries/v1/countrysettings/ 613 B
0 0ms
0ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/countries/v1/countrysettings/DE
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b2ddf9493f9858bb5e54b00f40987b46c7e2bd94c524b9ad3a428e863e8002

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: c3f721a7-5610-4357-b7bf-85a1aa5b3ff3
date: Sun, 16 Jun 2024 19:56:25 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:25 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
content-type: application/json; charset=utf-8
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5cf46997c06a-WAW
expires: Sun, 16 Jun 2024 23:56:25 GMT

GET
H3 200 DE Show response
services.itworks.com/countries/v1/countrysettings/ 613 B
0 0ms
0ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/countries/v1/countrysettings/DE
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b2ddf9493f9858bb5e54b00f40987b46c7e2bd94c524b9ad3a428e863e8002

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

messageid: c3f721a7-5610-4357-b7bf-85a1aa5b3ff3
date: Sun, 16 Jun 2024 19:56:25 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:25 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
xcalledservice: S:https://see-inbound-policy.com/
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
content-type: application/json; charset=utf-8
access-control-expose-headers: CorrelationId
cache-control: public, max-age=14400
cf-ray: 894d5cf46997c06a-WAW
expires: Sun, 16 Jun 2024 23:56:25 GMT

OPTIONS
H3 204 site_redirects
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 109ms
109ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d113e24bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

GET
H2 200 site_redirects Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 18 KB
0 0ms
0ms XHR
application/json 2606:4700::6812:1183
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/site_redirects?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1183 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0587470bf94a3afee5bf803a6aa31c55807ce970fb6c63e34fe8b41219a42603

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 34
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 31
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 4271
x-served-by: cache-fra-eddf8230036-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf72a8a0410-FRA
expires: Sun, 16 Jun 2024 20:01:26 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 105ms
104ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d120f77bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-ams2100086-AMS

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 98 KB
0 0ms
0ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=site_wide_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c65ef5bc96c24b485c1809f0b27e1e2e4e41a291821f62b4e5f302bc4c5688e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 69
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 19995
x-served-by: cache-fra-eddf8230041-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf8fbf0bf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 4 KB
0 0ms
0ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32779f411f780e66b75abbd48f6e3709ccda4ec34ae1e0a3fb4971750582199a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 13
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1589
x-served-by: cache-fra-eddf8230113-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cf8ebdabf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 87ms
87ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=form_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d120f79bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6355-VIE

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 121ms
121ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d136994bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6340-VIE

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 439ms
439ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d131cac9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 441ms
441ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d131cb09064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
61 B 147ms
147ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d131cb29064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 438ms
438ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d131cb39064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 439ms
439ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d131cb59064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 480ms
480ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d119064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 467ms
467ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d149064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 469ms
469ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d169064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 478ms
477ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d199064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 472ms
472ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d1b9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
60 B 463ms
463ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d1c9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 471ms
470ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d1d9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 467ms
467ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d135d1f9064-FRA
content-length: 0

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 80 KB
0 0ms
0ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?elements.page_url[eq]=home&depth=99&language=de-DE&limit=1

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8011a6f2ab276eb4c7b1670e043c34fde360c96b1f43edf307cd78b66696d2ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 69
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 20218
x-served-by: cache-vie6321-VIE
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:26 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfbb8abbf25-WAW
expires: Sun, 16 Jun 2024 20:01:26 GMT

GET
H3 200 IW-Logo.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/26a7e9ac-7580-40f3-bd90-590b86ea7c3b/ 3 KB
3 KB 42ms
41ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/26a7e9ac-7580-40f3-bd90-590b86ea7c3b/IW-Logo.svg
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 910548fa5624b6a2ebb9e65e942a966115cd113c9f3f44c251ad15b34b87f533

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200025-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:30 GMT
last-modified: Fri, 02 Sep 2022 15:11:14 GMT
x-timer: S1718567791.640964,VS0,VE1
etag: 0x8DA8CF560E4ACEF
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2599
x-cache-hits: 4965, 0

GET
H2 200 icon-instagram.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/ 3 KB
0 2ms
2ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d233780f-c248-461c-b629-5eb9c8ebbc7b/icon-instagram.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100059-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:14:17 GMT
x-timer: S1718567787.857557,VS0,VE1
etag: 0x8DB98FC1030F36A
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2930
x-cache-hits: 16044, 0

GET
H2 200 icon-facebook.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/ 462 B
0 3ms
3ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/b8c0f632-0710-442e-9c9f-8999a7aa577f/icon-facebook.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000051-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:14:49 GMT
x-timer: S1718567787.857482,VS0,VE1
etag: 0x8DB98FC2354D19C
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 462
x-cache-hits: 7321, 0

GET
H2 200 twitter-black%2032x32.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/ 785 B
0 3ms
3ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2075f774-9ce1-470b-bff4-42b8f43c6525/twitter-black%2032x32.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200034-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 03 Apr 2024 14:28:37 GMT
x-timer: S1718567787.857498,VS0,VE1
etag: 0x8DC53EA59EEDAB8
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 785
x-cache-hits: 17058, 0

GET
H2 200 icon-pinterest.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/ 1 KB
0 3ms
3ms Image
image/svg+xml 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/978a4099-4548-4f1c-916b-81a9a6197cb6/icon-pinterest.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200024-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
last-modified: Wed, 09 Aug 2023 17:15:55 GMT
x-timer: S1718567787.857513,VS0,VE1
etag: 0x8DB98FC4AD3F6A5
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1193
x-cache-hits: 13467, 0

GET
H2 200 DSA-Logo-Footer.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3417ea8-34fe-4811-acdb-8aa528d3dd0f/ 4 KB
0 3ms
3ms Image
image/png 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a3417ea8-34fe-4811-acdb-8aa528d3dd0f/DSA-Logo-Footer.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ceb2fcee0d66807522ec4b1a5a0501291a6d2fbb3b128a6d00a09e5a2b07b686

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100095-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010248
x-timer: S1718567787.857545,VS0,VE1
etag: "RFPw5j+FI7SsudTPcOBEiq4/00o/Td6PMmG8wYBwX58"
x-cache: HIT, HIT
content-type: image/png
fastly-io-info: ifsz=5390 idim=100x59 ifmt=png ofsz=3998 odim=100x59 ofmt=png
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3998
x-cache-hits: 553, 0

GET
H2 200 DSAI-Logo-Footer.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0aab28c-2dcb-46b2-b203-f510378ea492/ 6 KB
0 3ms
3ms Image
image/png 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e0aab28c-2dcb-46b2-b203-f510378ea492/DSAI-Logo-Footer.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6437d38ffa572dd9cb43604f3c32def0b2a38889b03c649e1b7a2a6200aa031

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000037-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010227
x-timer: S1718567787.857202,VS0,VE1
etag: "EKcx4jckM6dbYwho8GWx1x7NK+c00v0Tn2+d1orVfbE"
x-cache: HIT, HIT
content-type: image/png
fastly-io-info: ifsz=7400 idim=100x59 ifmt=png ofsz=6028 odim=100x59 ofmt=png
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6028
x-cache-hits: 378, 0

GET
H2 200 30-Day%20Drop%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f1c457db-8ec9-4b45-a058-baa6d6c4179a/ 5 KB
0 3ms
3ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f1c457db-8ec9-4b45-a058-baa6d6c4179a/30-Day%20Drop%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5c5e7bf09ffe0aa6d5fbebdeddc9cb330951e00a246ee2f7edb747b54793a8c3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000118-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567787.900824,VS0,VE0
etag: "l7srhusXHGQhutE2XCK+ve0WKxFafuTe9/gLR+sHn2k"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=48333 idim=225x280 ifmt=png ofsz=5592 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5592
x-cache-hits: 591, 617

GET
H2 200 Slimming%20Reset%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0671ab95-ed39-4657-b84f-15b373ad2f63/ 5 KB
0 3ms
3ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/0671ab95-ed39-4657-b84f-15b373ad2f63/Slimming%20Reset%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d143fe191026f5124ebaa7d881b32df80c7618f798bbf78c7d7fd77815c69b28

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100029-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010210
x-timer: S1718567787.901522,VS0,VE1
etag: "lWTd39rGEflGeZXMQNvvwN7STuzcafvjg3tUD5o2i98"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=36432 idim=225x280 ifmt=png ofsz=4878 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4878
x-cache-hits: 252, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e8ba8a32-1206-43f7-bd11-d8773026e274/30-Day%20Gut%20Reset%20Essentials.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2379c51d9a919a8b4033e04406c6b9aa810951eb66e11d71f3d7d99e68f85e90

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100063-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010249
x-timer: S1718567787.901330,VS0,VE1
etag: "gmtCO9yYUWbl4gJO2WjOCFGCbfmHG7qo/09CDeulMdA"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=44892 idim=225x280 ifmt=png ofsz=5650 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5650
x-cache-hits: 343, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/4859210b-49f3-4797-a8a9-367c54254f5f/30-Day%20Gut%20Reset%20Deluxe.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8378c9df9e9ca62784c40955d2dfb36053e1d902095a8165143ebaa42e8ab135

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200031-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010212
x-timer: S1718567787.901239,VS0,VE1
etag: "8UGl0+L+JaX/UDT+hfE/inUmDnas6tmRUrDv0lrCGOY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=48723 idim=225x280 ifmt=png ofsz=5542 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5542
x-cache-hits: 393, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c5b4fdad-9763-4ba1-9015-268b2d294a17/30-Day%20Gut%20Reset%20Signature.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 33e1203c3ea9e900bc906fde3d0fc093d587a11fea5848a505b5ec8688112648

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100055-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010214
x-timer: S1718567787.901214,VS0,VE1
etag: "SqHOIA412KiqZuk5T8htp0uazdDVYACAi6s8dpZXe9c"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=41164 idim=225x280 ifmt=png ofsz=4804 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4804
x-cache-hits: 128, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/149bff77-54dd-456c-9305-e40a6c60eeb2/Active%20Lifestyle%20Essentials.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 408eda64b810bd8e0657804c98247b0791002077b07bac1e51db6b2e87098abf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100063-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.901174,VS0,VE1
etag: "5o0O8k6QVKsAHth0RHT80rjUwMdG+hk6YznxwlTfUOA"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=38110 idim=225x280 ifmt=png ofsz=5098 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5098
x-cache-hits: 776, 1

GET
H2 200 Sport%20Pack.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d516c1a5-868a-433a-b5d0-0d3a76077680/ 6 KB
0 4ms
4ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/d516c1a5-868a-433a-b5d0-0d3a76077680/Sport%20Pack.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fb67f8ee1ba164ed353f6682efc0f15d1c83145619fcfa9e58670710e49e0bde

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000075-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567787.901959,VS0,VE0
etag: "kdt8MkmWqdD3T7YxibpnDUI8EOWrsBVWtFekED6+CCk"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=42370 idim=225x280 ifmt=png ofsz=5802 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5802
x-cache-hits: 579, 268

GET
H2 200 Body%20Sculpt%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8a378ddb-5a1a-4755-9c55-bc2779953918/ 5 KB
0 4ms
4ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/8a378ddb-5a1a-4755-9c55-bc2779953918/Body%20Sculpt%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: abe3459beffdf09ae5d7d0992d93704b43a30ecdd519a6d21494fdebc95ce394

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200051-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.901940,VS0,VE1
etag: "ZmgOwuvRcWjToBwuoWthu9T3Dez61+lT0v0S5n+ahEU"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=52821 idim=225x280 ifmt=png ofsz=5200 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5200
x-cache-hits: 755, 0

GET
H2 200 HelloGlow%20System.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75f2475c-4a26-4bd5-98ed-8f238e1649dd/ 5 KB
0 4ms
4ms Image
image/webp 2a04:4e42::347
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75f2475c-4a26-4bd5-98ed-8f238e1649dd/HelloGlow%20System.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2d55569771d59c3b9fc13bec04015dd42e8a64d757ed1bf3e1d5c13720804d0f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000172-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010247
x-timer: S1718567787.901930,VS0,VE1
etag: "wmWAUKLBCrl3vKRDPLCVM340xudeCaOJl7roBkIs8Ps"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=45267 idim=225x280 ifmt=png ofsz=5372 odim=225x280 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 5372
x-cache-hits: 255, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ea091be7-44b6-4355-b7f3-4e014b9f0d44/Listing-Image-SuperGreens_EU.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 44dfdea1720d441470cbfe3836dffedf97808045cb29c695f40e4b7f48ffd353

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100056-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010216
x-timer: S1718567787.901908,VS0,VE1
etag: "ZOTv2XsV++KGkxxY/tK/DImK/Zy8i5iO0EmlQAqxemU"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=478825 idim=1080x1080 ifmt=png ofsz=65852 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 65852
x-cache-hits: 834, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/537a6684-4e8c-4776-837c-4ec541749979/EU33304VALUE-supergreens-chocolate-jar-1081x1080.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 491ad16cde975de0388e6b684025b30332dfe28c0bae2f9285ec93da0ef3d49f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100082-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.901903,VS0,VE1
etag: "jSpQz4wVTZcV/9RPIW4s/JoByVp4UgCILQLrTbjPzps"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=911456 idim=1080x1080 ifmt=png ofsz=74772 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 74772
x-cache-hits: 690, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/09dcc3f1-8d90-4446-be0f-517a18c8ad6d/EU%20Super%20Reds%20listing%20image_1080x1080_EU.png?fm=webp&lossless=false
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42::347 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f903fe115a4659bfb93d1d6eeade16ddd585ed40c7925752f1f12e78867689a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000122-IAD, cache-cph2320028-CPH
date: Sun, 16 Jun 2024 19:56:26 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.901885,VS0,VE1
etag: "nErrWneL6VEQSjFeJXHHCS4BmfL506Gbdnw+I9nmUqc"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=462966 idim=1080x1080 ifmt=png ofsz=59464 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 59464
x-cache-hits: 212, 0

GET
H2 200 ico-caret-down.svg
itworkseu.com/portal/ 193 B
244 B 463ms
463ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/ico-caret-down.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

7b332c71515a908fe98cd6073f2e36ce95b381b391121aa7603b93400314d530

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"c1-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdb79064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 de.svg
itworkseu.com/portal/ 213 B
443 B 454ms
453ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/de.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"d5-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdb49064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 ico-search.svg
itworkseu.com/portal/ 625 B
424 B 458ms
456ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/ico-search.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"271-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdac9064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 ico-user.svg
itworkseu.com/portal/ 837 B
532 B 462ms
461ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/ico-user.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"345-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdb29064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 ico-bag.svg
itworkseu.com/portal/ 553 B
416 B 458ms
457ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/ico-bag.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"229-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdb09064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 ico-close-small-white.svg
itworkseu.com/portal/ 383 B
328 B 455ms
455ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/ico-close-small-white.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"17f-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdb69064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 loader.svg
itworkseu.com/portal/ 829 B
556 B 457ms
455ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/loader.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"33d-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d13bdae9064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 0ms
0ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecnFHGPc.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 17:44:40 GMT
x-content-type-options: nosniff
age: 267106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7900
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:00:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 17:44:40 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 1ms
1ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFd2JQEk.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 18:04:46 GMT
x-content-type-options: nosniff
age: 265900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7992
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:01:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 18:04:46 GMT

GET
H2 200 Inter-roman.var.woff2
itworkseu.com/portal/ 222 KB
222 KB 545ms
544ms Font
font/woff2 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/Inter-roman.var.woff2?v=3.19

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
content-length: 227180
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"3776c-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894d5d13bdbd9064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 104ms
104ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d146b24bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230030-FRA

OPTIONS
H3 204 button__30_day_gut_reset_learn_more__essentials__5142c82
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 128ms
127ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/button__30_day_gut_reset_learn_more__essentials__5142c82?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d148b66bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230105-FRA

OPTIONS
H3 204 untitled_content_item_e785bd0
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 102ms
102ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d148b68bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230085-FRA

OPTIONS
H3 204 global_swiper_a11y
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 128ms
127ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d148b6abf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230051-FRA

OPTIONS
H3 204 untitled_content_item_9297726
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 93ms
93ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_9297726?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d149b80bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6355-VIE

OPTIONS
H3 204 untitled_content_item_424b703
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 80ms
80ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d149b82bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6340-VIE

OPTIONS
H3 204 untitled_content_item_bcdb313
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 111ms
111ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d149b84bf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-ams2100086-AMS

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 452ms
452ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d143e529064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
50 B 150ms
150ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:30 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d143e5a9064-FRA
content-length: 0

GET
H3 200 products Show response
services.itworks.com/product/v1/categories/best-sellers/ 19 KB
0 0ms
0ms XHR
application/json 104.18.16.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://services.itworks.com/product/v1/categories/best-sellers/products?country=DE&language=de&customerType=LC&orderType=Shopping
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.16.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 934e53e6455ab5eabcc58f0d0431ddb5001a86be6f1c87b66e1cc0fafcea8bc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

correlationid: 13532319fb5823a575eacb4f8bfdec99
messageid: 924a8bb8-6569-4fa0-98a2-b111fd5b1115
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400
xdebug: S:
request-context: appId=cid-v1:3491599a-67ff-481b-a0c3-0843c87232d2
xbypasstokenvalidation: S:True
xpassedapikey: S:
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
xpassedheaderkey: S:
xpassedquerykey: S:
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
xoriginalurl: S:services.itworks.com
xcalledservice: S:https://see-inbound-policy.com/
cache-control: public, s-maxage=300, max-age=30, stale-while-revalidate=15
access-control-expose-headers: CorrelationId
cf-ray: 894d5cfccf8cc06a-WAW

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 440ms
439ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d145e7c9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
37 B 439ms
439ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d145e809064-FRA
content-length: 0

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 44 KB
0 0ms
0ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=shopping_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

953366aa1f6944ad812a823a840020d3fb795066155428aa3b63d3a0ad9b18a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 4
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 30
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 10929
x-served-by: cache-fra-eddf8230039-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d36bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

POST
H2 200 log Show response
itworkseu.com/api/ 0
38 B 460ms
460ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147ea59064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 442ms
442ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147ea69064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 444ms
444ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147ea89064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
37 B 444ms
444ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147eaa9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 434ms
434ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147eab9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 441ms
441ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d147ead9064-FRA
content-length: 0

GET
H3 200 button__30_day_gut_reset_learn_more__essentials__5142c82 Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 7 KB
0 1ms
1ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/button__30_day_gut_reset_learn_more__essentials__5142c82?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c2ed0f2e3c12646aa7acf5f849190e1c73ee67926803757a526abd7e955089f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1912
x-served-by: cache-ams21023-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe7e01bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_e785bd0 Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 6 KB
0 17ms
17ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_e785bd0?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f323a128b28cc4ed8af57ae5e36da439f69c62e45a5a654d5616cac80b1e0e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 5
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1964
x-served-by: cache-ams21053-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d3abf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 global_swiper_a11y Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 1 KB
0 1ms
1ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/global_swiper_a11y?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c10991b6fb18ae372896b4fc60fa2877b7fde14df3ea85a051fff3f6b764b562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 3
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 634
x-served-by: cache-fra-eddf8230065-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe5dcdbf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

POST
H2 200 log Show response
itworkseu.com/api/ 0
39 B 442ms
441ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d149ecd9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
38 B 434ms
434ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d149ece9064-FRA
content-length: 0

GET
H3 200 untitled_content_item_9297726 Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
0 15ms
14ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_9297726?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b63b867b6cf8ef8729da71f2c5d2b5c211ebac41cc32553cbcd8869635500c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 914
x-served-by: cache-fra-eddf8230133-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe4d8ebf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_424b703 Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
0 0ms
0ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_424b703?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c74cfe09a2674b96690810fd5c41a64f107997e9b9bd9e6ba14cc7713cfe86c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 915
x-served-by: cache-ams21082-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe1d41bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

GET
H3 200 untitled_content_item_bcdb313 Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 2 KB
0 3ms
2ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/untitled_content_item_bcdb313?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6ef88114736b4e8f7c2856c39fe7295e7c275f679bfa8f4d5ec6b4dc2c87fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 1
date: Sun, 16 Jun 2024 19:56:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-request-charge: 2
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 990
x-served-by: cache-fra-eddf8230112-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:56:27 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5cfe3d63bf25-WAW
expires: Sun, 16 Jun 2024 20:01:27 GMT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/6894b8fb-5a5e-44da-9581-8906b7647662/30%20Day%20Drop%20EU%20Featured%20Category.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 43960a3de33d68d63123e8628c3d8fe64f30daafa69a1c3a76a4a80d61c159c1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100020-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010227
x-timer: S1718567787.082201,VS0,VE3
etag: "rzhbWT3/aUbXsEYIwjdDAQNwNouPdxuKGDAxHYw1MNE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=319059 idim=2000x1125 ifmt=jpeg ofsz=61452 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 61452
x-cache-hits: 9, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/75fd3dd8-2fff-4bb2-ab87-fe67e35ada91/Gut%20Health%20Featured%20Category.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ac47436f99fca55e37a929129280617e42c69c00362566f18e25d97fe11bbbb

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100055-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010250
x-timer: S1718567787.083617,VS0,VE2
etag: "Cm3HHbdXpy2fLr8uk2Mv98fxqGUVeV/eM9n6O8q9jDY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=892044 idim=2000x1125 ifmt=png ofsz=23654 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23654
x-cache-hits: 2, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e75e9938-4e1d-4f21-9711-02cbdfbd6788/EU%20Active%20Lifestyle%2016%201.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 66305073f1e49c88ba3ce366540adaaedd1865f795aaf714f278281b9fefd8bd

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100149-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010211
x-timer: S1718567787.085023,VS0,VE1
etag: "cecitWGEakAtJnLEqkme2fDC+trYcW2Ng3kJcCxNwsk"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1289224 idim=2000x1125 ifmt=jpeg ofsz=24854 odim=1080x608 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24854
x-cache-hits: 291, 0

GET
H3 200 EU%20Beauty%2016.9%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1cd0f5b3-638d-4f61-91b8-ba0f0ee5cc51/ 21 KB
0 3ms
3ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1cd0f5b3-638d-4f61-91b8-ba0f0ee5cc51/EU%20Beauty%2016.9%201.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dc52df71e8161790d9baddc17995494010ebe7358f62bbf0608ee38559547442

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100086-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1718567787.085552,VS0,VE4
etag: "0GeRhQVkl+Z201KgA3ZbkDNTMk55lMEsvrvYpNIeqOI"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=7415503 idim=5754x3236 ifmt=png ofsz=21336 odim=1080x607 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21336
x-cache-hits: 54, 0

GET
H3 200 Perks%20Member.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/ 87 KB
0 3ms
3ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/23f03a2b-a437-45bb-894b-399fd72f055f/Perks%20Member.jpg?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000075-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010246
x-timer: S1718567787.085510,VS0,VE1
etag: "lviakCqMB91dAcNDud3b3/N287w5Pu0iBrGqaFSv2iY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=6791563 idim=3392x2729 ifmt=jpeg ofsz=89072 odim=1080x869 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 89072
x-cache-hits: 27, 0

GET
H3 200 Perks%20Member%205%201.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/ 76 KB
0 4ms
4ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/670cdb95-22a2-4849-a9ad-2df79b165ef0/Perks%20Member%205%201.png?w=1080&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100113-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010211
x-timer: S1718567787.085486,VS0,VE2
etag: "oaVPn39LPIac7NWAMsTsZHx6cydSuwXsU8CxoFxRXNE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=4578526 idim=2000x1600 ifmt=png ofsz=77820 odim=1080x864 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 77820
x-cache-hits: 7, 0

GET
H3 200 Aloe_System_launch_Revised_Updated.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/450671bf-92a4-4561-9f87-5a3dda88966e/ 204 KB
46 KB 46ms
42ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/450671bf-92a4-4561-9f87-5a3dda88966e/Aloe_System_launch_Revised_Updated.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 19bc0f6d878c380aff05c9bc1c224fbe1c58e01004134f626d06a39362efcd52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200042-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:30 GMT
fastly-io-served-by: vpop-kiad7010217
x-timer: S1718567791.822883,VS0,VE1
etag: "pACjBkdzzsveWzjHp4s89sExXDEtNno/8YNeSVSCuaM"
x-cache: HIT, HIT
fastly-io-info: ifsz=1079437 idim=4096x1862 ifmt=jpeg ofsz=208886 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
content-type: image/webp
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 208886
x-cache-hits: 8, 0

GET
H3 200 30-Day%20Drop%20System%20EU%20Desktop.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2ed0e373-444d-47e2-9551-b460e1485df3/ 531 KB
372 KB 47ms
43ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2ed0e373-444d-47e2-9551-b460e1485df3/30-Day%20Drop%20System%20EU%20Desktop.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d16a20680aa74ef728c3177786e90c03edf53ce323d63901261762868694c3a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200072-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:30 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567791.823178,VS0,VE1
etag: "dzqqNUgkYyHxUjYvhE/YywG2B6I0BBySSCTOYUsjDgw"
x-cache: HIT, HIT
fastly-io-info: ifsz=6492020 idim=4096x1862 ifmt=png ofsz=544152 odim=4096x1862 ofmt=webp
access-control-allow-origin: *
content-type: image/webp
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 544152
x-cache-hits: 3, 0

GET
H3 200 tri-leaf-white-svg.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/ 1 KB
0 4ms
4ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/440a9aed-97cf-43a5-9560-cf0360f94d78/tri-leaf-white-svg.svg?w=20&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000102-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Tue, 07 Nov 2023 21:51:52 GMT
x-timer: S1718567787.086222,VS0,VE1
etag: 0x8DBDFDBC0C24953
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1160
x-cache-hits: 1528, 0

GET
H3 200 lightbulb_innovation.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/ 1 KB
0 4ms
4ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/2b6bead1-68d5-4f17-8d02-7cad540148d6/lightbulb_innovation.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200116-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:01:52 GMT
x-timer: S1718567787.086193,VS0,VE1
etag: 0x8DC28D007CEFB54
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1362
x-cache-hits: 4, 0

GET
H3 200 handshake_community.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/ 4 KB
0 4ms
4ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cb02bab5-46f2-46ef-8d35-18fc9b48a00c/handshake_community.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200117-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:05:37 GMT
x-timer: S1718567787.086186,VS0,VE1
etag: 0x8DC28D08D987F23
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4560
x-cache-hits: 24, 0

GET
H3 200 diversity_1_philanthropy.svg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/ 4 KB
0 5ms
5ms Image
image/svg+xml 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c3697eaa-24da-462f-ac51-d3868b3ebbc8/diversity_1_philanthropy.svg?w=80&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100044-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
last-modified: Thu, 08 Feb 2024 18:04:29 GMT
x-timer: S1718567787.087435,VS0,VE1
etag: 0x8DC28D064DCF562
x-cache: HIT, HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 4248
x-cache-hits: 10206, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/cd27c4bc-3e32-4ef5-97b9-1e710b8ad0a4/06.13.24%20Father%27s%20Day%20Coffee%20BOGO%20Promotion%20%5BGlobal%5D%20What%27s%20New%20EU.jpg?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 85ccd29aa8fa568103997944e6e11bcfda76f30e721a638a6d5f56a1bdfe8ac5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200089-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010231
x-timer: S1718567787.087876,VS0,VE1
etag: "Z8WTZtNl6tI44enLjllJdwUG6b2LLrc9/TpsNwyiEcM"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=818793 idim=1350x1080 ifmt=jpeg ofsz=114734 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 114734
x-cache-hits: 3, 0

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/c2243aef-9644-4945-a72f-5c3c74e0971c/Super%20Greens%20Berry-whats-new-spotlight-eu.jpg?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7462d19c06a67491fdc2dc85620de513a0b0f43ce194e8e1e5dabfce859f0dc8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100137-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: vpop-kiad7010230
x-timer: S1718567787.087920,VS0,VE1
etag: "R122Cu7rJbxVlqfnn5ZN3Dg8nOf+5vB9r5YM74UafAQ"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=357609 idim=1350x1080 ifmt=jpeg ofsz=24094 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24094
x-cache-hits: 5, 0

GET
H3 200 CONF24-Aloe-Spotlight_EU.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/84566695-1cc0-48c0-bcba-3caf94921d28/ 98 KB
0 6ms
6ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/84566695-1cc0-48c0-bcba-3caf94921d28/CONF24-Aloe-Spotlight_EU.png?w=1056&fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 78f1dc05efb8f5158885966bd415e55c9f21f6d392239b2317865af5fe0e368d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200103-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:27 GMT
fastly-io-served-by: img02-us-east4
x-timer: S1718567787.087930,VS0,VE1
etag: "eRn5yUFmNEOkfM4bVjJwMnisZ2pMh1s61jj6HAOzsRE"
x-cache: MISS, HIT
content-type: image/webp
fastly-io-info: ifsz=1525714 idim=1350x1080 ifmt=png ofsz=100150 odim=1056x845 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 100150
x-cache-hits: 0, 0

GET
H3 200 pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
0 2ms
2ms Font
font/woff2 142.250.184.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFd2JQEk.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f3.1e100.net

Software

sffe /

Resource Hash

643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 13 Jun 2024 09:12:34 GMT
x-content-type-options: nosniff
age: 297833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7844
x-xss-protection: 0
last-modified: Fri, 22 Mar 2024 00:02:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Jun 2025 09:12:34 GMT

GET
H2 200 fa-solid-900.woff2
itworkseu.com/portal/ 49 KB
49 KB 552ms
552ms Font
font/woff2 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/portal/fa-solid-900.woff2

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
content-length: 50388
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"c4d4-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894d5d14df1e9064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 loader-dark.svg
itworkseu.com/portal/ 839 B
493 B 458ms
457ms Image
image/svg+xml 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itworkseu.com/portal/loader-dark.svg

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/styles.8465263cf49cc437.css

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

544c6fde043c912bbdd51bb76887ddffd0706c38d5d67d89f5da1362216d95f6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/portal/styles.8465263cf49cc437.css
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
content-encoding: gzip
x-powered-by: Express
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:37 GMT
server: cloudflare
etag: W/"347-19012f57e88"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 894d5d174b3a9064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

GET
H2 200 MaterialSymbolsOutlined.woff2
itworkseu.com/assets/material-design-icons/ 3 MB
3 MB 532ms
532ms Font
font/woff2 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://itworkseu.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Origin: https://itworkseu.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://app.kontent.ai, upgrade-insecure-requests
cf-cache-status: MISS
x-powered-by: Express
content-length: 3052540
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 13 Jun 2024 18:56:44 GMT
server: cloudflare
etag: W/"2e93fc-19012f599e0"
vary: Origin, Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: https://itworkseu.com
cache-control: public, max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 894d5d14df269064-FRA
expires: Sun, 16 Jun 2024 23:56:31 GMT

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 105ms
104ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=EU30204,EU36401VALUE,EU32603VALUE,EU33403VALUE,EU31005VALUE,EU11102,EU38101VALUE,EU35200VALUE,EU21402,EU37801VALUE&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d151c2ebf25-WAW
date: Sun, 16 Jun 2024 19:56:30 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6340-VIE

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 51 KB
12 KB 107ms
106ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1afecca15173e1df9a0b6985bb425c4c062e9ad4f8054eeeafb124739986585

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: EXPIRED
x-request-charge: 45
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 12022
x-served-by: cache-ams21023-AMS
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:35:02 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5d15bd1abf25-WAW
expires: Sun, 16 Jun 2024 20:01:31 GMT

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 155ms
154ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d15680b9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 167ms
166ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d15782f9064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
54 B 174ms
174ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d1588409064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 165ms
165ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d1598649064-FRA
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
36 B 170ms
169ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d15a87a9064-FRA
content-length: 0

OPTIONS
H3 204 disclaimer___25_featured_product_long
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 0
0 112ms
106ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/disclaimer___25_featured_product_long?depth=99&language=de-DE

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d16ff1dbf25-WAW
date: Sun, 16 Jun 2024 19:56:31 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-fra-eddf8230030-FRA

OPTIONS
H3 204 items
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 0
0 120ms
116ms Preflight 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=de-DE&limit=1

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: x-kc-sdkid
Access-Control-Request-Method: GET
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: x-kc-sdkid
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 894d5d16ff21bf25-WAW
date: Sun, 16 Jun 2024 19:56:31 GMT
referrer-policy: no-referrer
retry-after: 0
server: cloudflare
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-cache: HIT
x-cache-hits: 0
x-content-type-options: nosniff
x-frame-options: DENY
x-served-by: cache-vie6355-VIE

GET
H3 200 disclaimer___25_featured_product_long Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/ 1 KB
1 KB 122ms
122ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items/disclaimer___25_featured_product_long?depth=99&language=de-DE

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c2e021550b7a922e6a7a59b9f298f379c124595520170ff1cb4e0b60ce7c9ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: EXPIRED
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 984
x-served-by: cache-vie6322-VIE
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:35:02 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5d17a843bf25-WAW
expires: Sun, 16 Jun 2024 20:01:31 GMT

GET
H3 200 items Show response
cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/ 3 KB
2 KB 160ms
160ms XHR
application/json 104.18.17.131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=pricing_static_content&depth=99&language=de-DE&limit=1

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.17.131 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64e1318cf9b3d3a1d92dd1167bbd54be9d3b76ad7725376acc76f9acd547221c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-KC-SDKID: npmjs.com;@kontent-ai/delivery-sdk;14.0.1
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

x-cache-hits: 0
date: Sun, 16 Jun 2024 19:56:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
cf-cache-status: EXPIRED
x-request-charge: 1
x-cache: HIT
alt-svc: h3=":443"; ma=86400
content-length: 1254
x-served-by: cache-fra-eddf8230095-FRA
referrer-policy: no-referrer
last-modified: Sun, 16 Jun 2024 19:35:02 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-Continuation,X-Request-Charge,X-Stale-Content,Retry-After
cache-control: public, max-age=300
x-stale-content: 0
accept-ranges: bytes
cf-ray: 894d5d17b85cbf25-WAW
expires: Sun, 16 Jun 2024 20:01:31 GMT

GET
H3 200 Listing-Image-Thermofight_EU%201080.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f940b825-69b7-4b46-917b-c94feee04d11/ 26 KB
26 KB 50ms
46ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/f940b825-69b7-4b46-917b-c94feee04d11/Listing-Image-Thermofight_EU%201080.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 55ffcc920a03845fb206aec323b756e79b337c7a5171e6ec1b5fc04293b3a191

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000115-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010213
x-timer: S1718567791.195480,VS0,VE1
etag: "Iec5DrmHgSt/DNIPCMlBzVul9VuBTbTuQcHDB2LW84g"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=222081 idim=1080x1080 ifmt=png ofsz=26120 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26120
x-cache-hits: 2, 0

GET
H3 200 EU36401VALUE-SKNY-Gummies-350x350.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a854e2b9-0fd8-4c50-a6ca-fcc1163e487e/ 7 KB
7 KB 51ms
47ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a854e2b9-0fd8-4c50-a6ca-fcc1163e487e/EU36401VALUE-SKNY-Gummies-350x350.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b8395ff6c59b162cb8b9810e2ee499f61f3315c370c504f3c142dffa721218e0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100114-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1718567791.195625,VS0,VE1
etag: "MSdvPOv+S/xY6QBEOFNjFGb9V7JYfFFxoJeftg/GN/A"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=53690 idim=350x350 ifmt=jpeg ofsz=6690 odim=350x350 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6690
x-cache-hits: 412, 0

GET
H3 200 listing%20image-eu%20cleanse.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9d218211-99c2-4a54-ad3d-ce13c5c87594/ 44 KB
45 KB 88ms
84ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/9d218211-99c2-4a54-ad3d-ce13c5c87594/listing%20image-eu%20cleanse.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c9d249acb8fbd517501cfa1bb7b5607e515c395f80604887c9c0eb33a1be2356

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000163-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1718567791.196243,VS0,VE3
etag: "mAclWYQtSXglLVZqbNS8THgO9aQn8i5XNfpwpeFjOoE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=462713 idim=1080x1080 ifmt=png ofsz=45238 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45238
x-cache-hits: 8, 0

GET
H3 200 Keto%20Coffee%20Original-EU%20%282%29.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/591bb049-953e-4fc9-944c-2c50d824ad70/ 46 KB
46 KB 88ms
85ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/591bb049-953e-4fc9-944c-2c50d824ad70/Keto%20Coffee%20Original-EU%20%282%29.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4396487e9885cb041c4d02fbfe5f7c78a3c60787484d6c74b96dc6be00f2f488

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100039-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010229
x-timer: S1718567791.196042,VS0,VE1
etag: "pvFGPPVyPyS4Y2xLSXdsVqJ+jpbtypvnVfWM3xmG0BY"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=521272 idim=1080x1080 ifmt=png ofsz=47034 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 47034
x-cache-hits: 1, 0

GET
H3 200 EU%20Super%20Greens%20_%20Berry_listing%20image_1080x1080_EU.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e26ff066-8b76-4350-b162-6407b58cccac/ 65 KB
66 KB 51ms
48ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/e26ff066-8b76-4350-b162-6407b58cccac/EU%20Super%20Greens%20_%20Berry_listing%20image_1080x1080_EU.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2bd942c264adc91d4fe97e60fbe76faa90ed106199df84d81f36b0d95a9b65db

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kcgs7200026-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: img02-us-east4
x-timer: S1718567791.196014,VS0,VE1
etag: "VRUmvwga1LjZBBnJE1co2H92mkUh1zLoKWF1RSSduO0"
x-cache: MISS, HIT
content-type: image/webp
fastly-io-info: ifsz=601843 idim=1080x1080 ifmt=png ofsz=66832 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 66832
x-cache-hits: 0, 0

GET
H3 200 MACE11102-listing-image-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3729e261-86ba-4623-8a1f-09cd162c9e88/ 9 KB
9 KB 88ms
85ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/3729e261-86ba-4623-8a1f-09cd162c9e88/MACE11102-listing-image-1.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e0abfdd899252a234842d6ce359a2741f6b64c7a8004ba0cf8185dc774f6ec52

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
content-md5: Gcz9RyhAevY9sljhZ0y2NA==
fastly-io-served-by: vpop-mnz1300710
x-cache: HIT, HIT
fastly-io-info: ifsz=49406 idim=350x350 ifmt=jpeg ofsz=8976 odim=350x350 ofmt=webp
fastly-stats: io=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8976
x-served-by: cache-iad-kiad7000073-IAD, cache-fra-etou8220144-FRA
x-timer: S1718567791.196896,VS0,VE1
etag: "7OW52B91CXkNNoLB2Ho3e+EhJ57u26M5oBnsZMI6qhs"
content-type: image/webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
x-cache-hits: 511, 0

GET
H3 200 Simply%20Aloe%20images.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1d6e5b09-489e-4603-ab7e-4c5d7b72d2f3/ 40 KB
40 KB 89ms
86ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1d6e5b09-489e-4603-ab7e-4c5d7b72d2f3/Simply%20Aloe%20images.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 769793e45897c5568f49f861f4e22a9ac1f431f2f6af989eea899d21e71e9fae

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000030-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010251
x-timer: S1718567791.197045,VS0,VE1
etag: "3pSWX53T3NNdUt6OZBpPOORelhmRTqQqasZUyaLyU9I"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=316770 idim=1080x1080 ifmt=png ofsz=40922 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 40922
x-cache-hits: 3, 0

GET
H3 200 EU35200VALUE-listing-image-1.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ad2b8ca7-8bbb-49bc-9964-b4798f925114/ 9 KB
9 KB 89ms
86ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/ad2b8ca7-8bbb-49bc-9964-b4798f925114/EU35200VALUE-listing-image-1.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3036db7f0ab4f8a04597a06412637fa63ba094519f90a7ebb5fce7a6c1f55cb5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000112-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
content-md5: P/ZPH5AQlGQWIyD4zeyHqA==
x-timer: S1718567791.196509,VS0,VE2
etag: "h6bu7aAzdaRjLzimFfV77wKiArP7C+9myDnpfBS5tSQ"
x-cache: HIT, HIT
fastly-io-info: ifsz=68825 idim=350x350 ifmt=jpeg ofsz=8928 odim=350x350 ofmt=webp
content-type: image/webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 8928
x-cache-hits: 296, 0

GET
H3 200 EU21402-listing-image.jpg
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1995abff-ae3f-4b38-b19c-66c3fbf44410/ 3 KB
3 KB 90ms
87ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/1995abff-ae3f-4b38-b19c-66c3fbf44410/EU21402-listing-image.jpg?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 915cfc682f9f8638eb24ea37387b79454608eb537883066efb30f341559fc604

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kjyo7100076-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
content-md5: gnLrEWhH5z84ReuIZoQYjA==
x-timer: S1718567791.197040,VS0,VE1
etag: "yG/PneaHCQJ51r0JJ8ffofszgLX5fPykomG6OgRSutY"
x-cache: HIT, HIT
fastly-io-info: ifsz=9904 idim=350x350 ifmt=jpeg ofsz=2934 odim=350x350 ofmt=webp
content-type: image/webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 2934
x-cache-hits: 224, 0

GET
H3 200 SKNY%20HYD%20EU2.png
assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a070f949-b951-4149-8f13-393fd9a24a86/ 95 KB
95 KB 89ms
86ms Image
image/webp 151.101.65.91
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets-us-01.kc-usercontent.com/04049059-9f97-00fa-b634-0afc144f58a8/a070f949-b951-4149-8f13-393fd9a24a86/SKNY%20HYD%20EU2.png?fm=webp&lossless=false
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ca5e892aa31a5618bf172f1137a0893332e5f68570e6568da5e5c89002fd03e4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-served-by: cache-iad-kiad7000061-IAD, cache-fra-etou8220144-FRA
date: Sun, 16 Jun 2024 19:56:31 GMT
fastly-io-served-by: vpop-kiad7010250
x-timer: S1718567791.197045,VS0,VE2
etag: "3EJGp+hzDAqWz/6RjYtwr1yrNskfb+tJBh4CBA+LKTE"
x-cache: HIT, HIT
content-type: image/webp
fastly-io-info: ifsz=1151062 idim=1080x1080 ifmt=png ofsz=97256 odim=1080x1080 ofmt=webp
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
fastly-stats: io=1
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 97256
x-cache-hits: 1, 0

OPTIONS
H2 204 5bb3bd847387e1367e01ff04
events.launchdarkly.com/events/bulk/ 0
0 129ms
128ms Preflight 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-launchdarkly-event-schema,x-launchdarkly-payload-id,x-launchdarkly-user-agent
Access-Control-Request-Method: POST
Origin: https://itworkseu.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-max-age: 300
date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 202 5bb3bd847387e1367e01ff04 Show response
events.launchdarkly.com/events/bulk/ 0
359 B 351ms
349ms XHR
application/json 52.207.169.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Requested by

Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.207.169.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-169-67.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
X-LaunchDarkly-Payload-ID: 86ca4730-2c1a-11ef-9fe3-6f527d2ec987
X-LaunchDarkly-Event-Schema: 4
Accept-Language: de-DE,de;q=0.9;q=0.9
X-LaunchDarkly-User-Agent: JSClient/3.1.4
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains
access-control-max-age: 300
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Date
access-control-allow-headers: Accept,Content-Type,Content-Length,Accept-Encoding,X-LaunchDarkly-Event-Schema,X-LaunchDarkly-User-Agent,X-LaunchDarkly-Payload-ID,X-LaunchDarkly-Wrapper,X-LaunchDarkly-Tags
content-length: 0

POST
H2 200 log Show response
itworkseu.com/api/ 0
74 B 163ms
162ms XHR
text/plain 2606:4700::6812:1460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://itworkseu.com/api/log
Requested by: Host: itworkseu.com
URL: https://itworkseu.com/portal/polyfills.82a2842c2492498d.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6812:1460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://itworkseu.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 16 Jun 2024 19:56:31 GMT
cf-cache-status: DYNAMIC
server: cloudflare
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://itworkseu.com
access-control-allow-credentials: true
cf-ray: 894d5d189d589064-FRA
content-length: 0

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/ 257 KB
56 KB 42ms
42ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

sffe /

Resource Hash

aec23098ad4d84b8087d5239d10508d850fc630a6191d7426be9eee708c61acb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57504
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 17:15:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:15:47 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/ 182 KB
56 KB 45ms
45ms Script
text/javascript 172.217.16.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/57/4/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyBV2eI1wtvGuT8wCPXn1R0w_T-zYpG6bdI&callback=onGoogleMapsLoad

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f10.1e100.net

Software

sffe /

Resource Hash

8605845bf610f6d4932e2c9d3f169976e1195b4b6b0fd9ea2dabc25906812bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://itworkseu.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 351645
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57111
x-xss-protection: 0
last-modified: Tue, 11 Jun 2024 17:15:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jun 2025 18:15:47 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: services.itworks.com
URL: https://services.itworks.com/countries/v1/countrysettings/undefined

Domain: services.itworks.com
URL: https://services.itworks.com/countries/v1/countrysettings/undefined

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587z879783485za200zb79783485&_p=1718567780990&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=492794762.1718567782&ecid=638573367&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=3&sid=1718567781&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=2.42&_et=1032&tfd=4292

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587za200zb79783485&_p=1718567780990&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=492794762.1718567782&ecid=638573367&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=4&sid=1718567781&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=user_engagement&_et=1863&tfd=4293

Domain: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/fa-solid-900.woff2

Domain: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/assets/material-design-icons/MaterialSymbolsOutlined.woff2

Domain: events.launchdarkly.com
URL: https://events.launchdarkly.com/events/bulk/5bb3bd847387e1367e01ff04

Domain: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/api/log

Domain: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/api/log

Domain: cmsproxy.itworks.com
URL: https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=EU30204,EU36401VALUE,EU32603VALUE,EU33403VALUE,EU31005VALUE,EU11102,EU38101VALUE,EU35200VALUE,EU21402,EU37801VALUE&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=de-DE

Domain: cmsproxy.itworks.com
URL: https://cmsproxy.itworks.com/04049059-9f97-00fa-b634-0afc144f58a8/items?system.type=product&elements.sku[in]=EU30204,EU36401VALUE,EU32603VALUE,EU33403VALUE,EU31005VALUE,EU11102,EU38101VALUE,EU35200VALUE,EU21402,EU37801VALUE&elements=name,sku,featured_image,listing_image,highlight_tag,detailed_promotion,verbiage,background_color,call_to_action,content,heading,promotion_message,rich_promotion_message,text_color,assets,image,mobile_image,link,max_image_width,taxonomy&depth=99&language=de-DE

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587z879783485za200zb79783485&_p=1718567784690&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=89742424.1718567785&ecid=175592450&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=3&sid=1718567784&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=It%20Works!&en=page_load_time&epn.loading_time_sec=0.64&_et=8&tfd=3224

Domain: region1.google-analytics.com
URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B9ZCN4XJNP&gtm=45je46c0v890894587za200zb79783485&_p=1718567784690&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&tag_exp=0&cid=89742424.1718567785&ecid=175592450&ul=de-de&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_s=4&sid=1718567784&sct=1&seg=0&dl=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dr=https%3A%2F%2Fvanessaor.itworkseu.com%2F&dt=Startseite%20%7C%20IT%20WORKS!&en=user_engagement&_et=2564&tfd=3225

Domain: vanessaor.itworkseu.com
URL: https://vanessaor.itworkseu.com/portal/fa-solid-900.woff

Verdicts & Comments Add Verdict or Comment

181 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.vanessaor.itworkseu.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 471210314627738c5b8cedab1908105d50034ea5868ee5c4930814b5b51923d3
.vanessaor.itworkseu.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 471210314627738c5b8cedab1908105d50034ea5868ee5c4930814b5b51923d3
.itworkseu.com/	1970-01-21 06:08:23	Name: toggle-user Value: US-en-RC-10
.itworkseu.com/	1970-01-21 06:08:23	Name: IWGDetectedLocale Value: de-DE
.itworkseu.com/	1970-01-21 06:08:23	Name: IWGCountrySlug Value: DE
.itworkseu.com/	1970-01-21 06:08:23	Name: IWGLanguageSlug Value: de
.itworkseu.com/	1970-01-21 06:08:27	Name: IWGSessionGuid Value: {CAB7B48D-3948-45B3-A563-37980EB9DA43}
.itworkseu.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: 8d42623cf9c83176199096cbf9cd79090e65c8649eb1b974ce8e1764b49a5c1e
.itworkseu.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: 8d42623cf9c83176199096cbf9cd79090e65c8649eb1b974ce8e1764b49a5c1e

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://services.itworks.com/customer/v1/profiles/vanessaor Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://services.itworks.com/customer/v1/profiles/vanessaor/details Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://services.itworks.com/customer/v1/profiles/vanessaor/details Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://app.kontent.ai upgrade-insecure-requests
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.launchdarkly.com
assets-us-01.kc-usercontent.com
clientstream.launchdarkly.com
cmsproxy.itworks.com
code.jquery.com
events.launchdarkly.com
fonts.gstatic.com
itworkseu.com
maps.googleapis.com
region1.google-analytics.com
services.itworks.com
static.myitworks.com
vanessaor.itworkseu.com
www.google-analytics.com
www.googletagmanager.com
cmsproxy.itworks.com
events.launchdarkly.com
region1.google-analytics.com
services.itworks.com
vanessaor.itworkseu.com
104.18.16.131
104.18.17.131
142.250.184.227
151.101.130.217
151.101.65.91
172.217.16.202
2001:4860:4802:34::36
216.239.32.36
2606:4700::6812:1079
2606:4700::6812:1183
2606:4700::6812:1460
2a00:1450:4001:828::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a04:4e42:200::649
2a04:4e42::347
52.207.169.67
76.223.31.44
03de23361c1221c60ef0070ae7f6b1b30d047e2ed954b3ec03ce374887c523da
0587470bf94a3afee5bf803a6aa31c55807ce970fb6c63e34fe8b41219a42603
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
06b2ddf9493f9858bb5e54b00f40987b46c7e2bd94c524b9ad3a428e863e8002
0cdfed35e2d774231a81563470ecf23c3c0b6e6c48922a7c0e5198a0321c365b
0faafdb139b75f63e0a8e3efe617e12474e8475fb08c39d22c5f78837d36f384
13ea5439013b32e445a52c319fb1f72f4dd6da9d9604c008bf13d95f26e1027d
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
19bc0f6d878c380aff05c9bc1c224fbe1c58e01004134f626d06a39362efcd52
1b6c690df25bec1788ce23f974760cd04c95271bf5de0d9874322b1b46220028
226631a8fa9deee07022680ce0461b7a09b416b616c56ebcaf21f50e2b34ea8f
2379c51d9a919a8b4033e04406c6b9aa810951eb66e11d71f3d7d99e68f85e90
2669d1dc0fcc15296e89d94dc45f818b2b680d2954c378fd250b1ba7e8f92377
26d5fa7994fe44ed8f888119edf7eb4d81020c9e551272b84efed081c589abdf
2bd942c264adc91d4fe97e60fbe76faa90ed106199df84d81f36b0d95a9b65db
2d55569771d59c3b9fc13bec04015dd42e8a64d757ed1bf3e1d5c13720804d0f
3036db7f0ab4f8a04597a06412637fa63ba094519f90a7ebb5fce7a6c1f55cb5
32779f411f780e66b75abbd48f6e3709ccda4ec34ae1e0a3fb4971750582199a
33e1203c3ea9e900bc906fde3d0fc093d587a11fea5848a505b5ec8688112648
34dfad7e9b3dcc2e555e0de68fec13cadd267c3c906396e12a5c054b41a400eb
35ca72ea1571b028a5dbd8b4238fc778832e836c466b9826bab57d5cdcf80dc7
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3c09352a88ecf332aef871bfac5b3b54cadbd3c4cc3939dc0e25d7d4e8ce3d5f
3dc5d0c52428fe1696264907a1054ebbaac07f8cbe45832c105f819c2ae397c0
3ea09d57427d6da60661646de7b671ab0f7d1a76cf98d1beb72129656122deae
408eda64b810bd8e0657804c98247b0791002077b07bac1e51db6b2e87098abf
40cc6441f1fbb4912679a0a61b26ae40c751c9a260fac6cf64f8a1308cf0ac15
425e80c067d53827c523399ca34da4b5d13041f3982f965c8f2e104ac9aa898c
42d8049dc540416d485e49e5258494a40fad372cfd037704c30fe4e4bd8ac26b
43960a3de33d68d63123e8628c3d8fe64f30daafa69a1c3a76a4a80d61c159c1
4396487e9885cb041c4d02fbfe5f7c78a3c60787484d6c74b96dc6be00f2f488
44dfdea1720d441470cbfe3836dffedf97808045cb29c695f40e4b7f48ffd353
491ad16cde975de0388e6b684025b30332dfe28c0bae2f9285ec93da0ef3d49f
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5015fb7de2d75e628a6a6efa053ce66de9b47398a3720a8bb14989f17835138f
544c6fde043c912bbdd51bb76887ddffd0706c38d5d67d89f5da1362216d95f6
554a99b5851aef249e71b90594c453f1aa49baadd305ccf057e2686cf8694bf5
557d020af00c516825b46d036cfc6fd60c8174a802a63458c2a63af428014cf7
55ffcc920a03845fb206aec323b756e79b337c7a5171e6ec1b5fc04293b3a191
5ad3f76d575aef3074edd35e6c3ab8b912d1cf6afec4814a4efeef44f5635a0b
5c5e7bf09ffe0aa6d5fbebdeddc9cb330951e00a246ee2f7edb747b54793a8c3
5c74cfe09a2674b96690810fd5c41a64f107997e9b9bd9e6ba14cc7713cfe86c
643e38d8c288a1da34a14a68a5012441929108d50054414ce8cc33fad36a2354
64e1318cf9b3d3a1d92dd1167bbd54be9d3b76ad7725376acc76f9acd547221c
66305073f1e49c88ba3ce366540adaaedd1865f795aaf714f278281b9fefd8bd
6817e2797ce7771afca1bba2f58e69bb1740f92091428ff6b87af8385c19a1cf
68aa7cb71344c2855bb324d7d3937d73989545bca89b634b6b10069abdac7a20
695b8049e98f72c985a699d677d4d24b4086fa3454f5828165712b2e5a4ce534
7249705d38d45667c9573d01f750e39a87a1ac9ebdbcd7e36b2d9dc7759cd94b
7462d19c06a67491fdc2dc85620de513a0b0f43ce194e8e1e5dabfce859f0dc8
769793e45897c5568f49f861f4e22a9ac1f431f2f6af989eea899d21e71e9fae
78f1dc05efb8f5158885966bd415e55c9f21f6d392239b2317865af5fe0e368d
7b332c71515a908fe98cd6073f2e36ce95b381b391121aa7603b93400314d530
8011a6f2ab276eb4c7b1670e043c34fde360c96b1f43edf307cd78b66696d2ab
8378c9df9e9ca62784c40955d2dfb36053e1d902095a8165143ebaa42e8ab135
84765e63e56cafa0ae2a9ee2b777deb0c85e37b0b233196db9e445b730406d70
85ccd29aa8fa568103997944e6e11bcfda76f30e721a638a6d5f56a1bdfe8ac5
8605845bf610f6d4932e2c9d3f169976e1195b4b6b0fd9ea2dabc25906812bc8
872e862918591a9e824dc03ed92f05729435ffbb8ebbb10eff7eda26592b1798
910548fa5624b6a2ebb9e65e942a966115cd113c9f3f44c251ad15b34b87f533
915cfc682f9f8638eb24ea37387b79454608eb537883066efb30f341559fc604
934e53e6455ab5eabcc58f0d0431ddb5001a86be6f1c87b66e1cc0fafcea8bc8
953366aa1f6944ad812a823a840020d3fb795066155428aa3b63d3a0ad9b18a9
9ac47436f99fca55e37a929129280617e42c69c00362566f18e25d97fe11bbbb
9c2e021550b7a922e6a7a59b9f298f379c124595520170ff1cb4e0b60ce7c9ea
9c2ed0f2e3c12646aa7acf5f849190e1c73ee67926803757a526abd7e955089f
9c65ef5bc96c24b485c1809f0b27e1e2e4e41a291821f62b4e5f302bc4c5688e
9c6b0d6471bccb5f084f1268800f29520099224469d9cd4f8b8e9cb54f04fd45
a1afecca15173e1df9a0b6985bb425c4c062e9ad4f8054eeeafb124739986585
a2bbb46985d2beda7522dd7ecf813b254a23b76501d43dc0504ea4b10ff5d382
a8e71dd2ad2c3a12d8f71c9cbf0d42563aefff5828d07e6fe9da709da1f6b26b
abe3459beffdf09ae5d7d0992d93704b43a30ecdd519a6d21494fdebc95ce394
aec23098ad4d84b8087d5239d10508d850fc630a6191d7426be9eee708c61acb
b091f3023446e7f64d26b68228d1d5aa794ac256f08cef1fdcb158b6ea1f0b95
b1263d0804845ef80ebb852fade8fd01fea4f2dd23d613ad36754d1fcbcc60a7
b63b867b6cf8ef8729da71f2c5d2b5c211ebac41cc32553cbcd8869635500c39
b8395ff6c59b162cb8b9810e2ee499f61f3315c370c504f3c142dffa721218e0
c10991b6fb18ae372896b4fc60fa2877b7fde14df3ea85a051fff3f6b764b562
c6437d38ffa572dd9cb43604f3c32def0b2a38889b03c649e1b7a2a6200aa031
c9d249acb8fbd517501cfa1bb7b5607e515c395f80604887c9c0eb33a1be2356
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca5e892aa31a5618bf172f1137a0893332e5f68570e6568da5e5c89002fd03e4
ceb2fcee0d66807522ec4b1a5a0501291a6d2fbb3b128a6d00a09e5a2b07b686
d143fe191026f5124ebaa7d881b32df80c7618f798bbf78c7d7fd77815c69b28
d16a20680aa74ef728c3177786e90c03edf53ce323d63901261762868694c3a9
dc52df71e8161790d9baddc17995494010ebe7358f62bbf0608ee38559547442
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df6ef88114736b4e8f7c2856c39fe7295e7c275f679bfa8f4d5ec6b4dc2c87fe
e0abfdd899252a234842d6ce359a2741f6b64c7a8004ba0cf8185dc774f6ec52
e0f26706734565750116c1452cb72c74c23c4f0d71d26857db24ee2d434f0b92
e18770638773bed841600b9b56ff4e1d27b6d859f85b83d0a24f8b6084ca73e9
e23fe6a6a5d9998a759442e8e5c716797a32282f8de163fce97c656408682bef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8d7453f1b6aee84cf2a2eb5a5627e94f9974613636906dccc4908d10fec6aa6
eb0a40d6189d005af2798fedd75181a76cf220bcfef2bb917754cd86edaa61e1
f323a128b28cc4ed8af57ae5e36da439f69c62e45a5a654d5616cac80b1e0e5d
f7d576a726f89a64a89b6c54f831bb9cc34386a50463fa4727ad54fef691f27c
f903fe115a4659bfb93d1d6eeade16ddd585ed40c7925752f1f12e78867689a7
fa3d939cc54d19190dcd649af77411ecb671b9511def19acceed663d3c149693
fb67f8ee1ba164ed353f6682efc0f15d1c83145619fcfa9e58670710e49e0bde

itworkseu.com Open in urlscan Pro 2606:4700::6812:1460 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

322 Requests

96 %HTTPS

53 %IPv6

10 Domains

15 Subdomains

20 IPs

3 Countries

7611 kBTransfer

23694 kBSize

9 Cookies

6 Outgoing links

Page URL History

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itworkseu.com Open in urlscan Pro
2606:4700::6812:1460 Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

96 %
HTTPS

53 %
IPv6

10
Domains

15
Subdomains

20
IPs

3
Countries

7611 kB
Transfer

23694 kB
Size

9
Cookies

322 HTTP transactions
0 data transactions