www.qwell.io Open in urlscan Pro
2606:4700:20::681a:8c6  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.qwell.io/	3 KB 3 KB	174ms 63ms	Document text/html	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash b46bf0cfcf02d3a7bd93ec7599956c2555127a5f81f27ec57c3346bf7c9bf473 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 accept-language en-GB,en;q=0.9 Response headers cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 7ebe84c87814dc21-LHR content-encoding br content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-type text/html; charset=utf-8 date Mon, 24 Jul 2023 19:20:07 GMT last-modified Monday, 24-Jul-2023 19:20:07 UTC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkVtic7S%2BiggHOMXWTndbPp04y57h0xK7aaK6NklOSeheLG3Fye%2FNKxwcw8nhrEq7BhgivSn4d8hZqeL%2B9q9DdPURCAcU3kJHPRqXtbQk7n6Cg%2FEvgWTVpe3Lb44ajv%2Bv92MfR01vOuMlw%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare strict-transport-security max-age=15552000 via 1.1 google x-content-type-options nosniff x-envoy-upstream-service-time 2 x-frame-options SAMEORIGIN x-powered-by Express
GET H2	200	localize.js Show response global.localizecdn.com/	61 KB 23 KB	168ms 57ms	Script application/javascript	2606:4700:10::6816:18a6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://global.localizecdn.com/localize.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:18a6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 93b3ec9b71d6f98100eb200c98db71d8cdaeb21e6871f8d2d6a014a59bdd9e7b Security Headers Name Value Strict-Transport-Security max-age=15552000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-meta-x-amz-meta-v 476 date Mon, 24 Jul 2023 19:20:07 GMT via 1.1 759d447e04dad48878f29ac5fabe9524.cloudfront.net (CloudFront) x-content-type-options nosniff x-amz-version-id AqirbCIUHPZeEukYNikmovnvk0B6hp.S cf-cache-status HIT strict-transport-security max-age=15552000; includeSubDomains; preload age 161367 x-amz-cf-pop LHR50-P7 x-amz-server-side-encryption AES256 content-encoding br x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 cf-bgj minify last-modified Fri, 30 Jun 2023 12:44:06 GMT server cloudflare etag W/"ed126c23129a4e0a29fcd64d09229007" vary Accept-Encoding content-type application/javascript cache-control public, max-age=259200 cf-ray 7ebe84c9af9e887d-LHR x-amz-cf-id QuiO8UY9P3Y8SINNazQ7llcKCQCuotttduHsO9eG_rwNJ0ZbMVvG2g==
GET H2	200	react_v17-0-2.js Show response storage.googleapis.com/kooth-assets-live/kooth/libraries/	11 KB 5 KB	191ms 88ms	Script application/javascript	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/libraries/react_v17-0-2.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash f739d90cd40b4a1b21514c867c41b2ae210f25d80e987f99c0103e74193cb8e4 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT content-encoding gzip age 0 x-guploader-uploadid ADPycdv8eG8-S_rT99nMePRuWVNinhGmpJbznj9ZBJd1AvqQnCEG_o2ccBG43izXCYQM7DYYvJMNiJCYjlog4d6q788PJA x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4581 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "ff2bec6acf81a5f79a6a14b2e7237410" vary Accept-Encoding x-goog-generation 1689065396515438 x-goog-hash crc32c=qX/FqQ==, md5=/yvsas+BpfeaahSy5yN0EA== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable x-goog-stored-content-length 4581 accept-ranges bytes content-type application/javascript expires Tue, 23 Jul 2024 19:20:07 GMT
GET H2	200	react-dom_v17-0-2.js Show response storage.googleapis.com/kooth-assets-live/kooth/libraries/	118 KB 39 KB	193ms 89ms	Script application/javascript	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/libraries/react-dom_v17-0-2.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 2cfc5e6359c20684c7c942ecff1159203e5461639ba8977715ab9d57679cdb3c Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT content-encoding gzip age 0 x-guploader-uploadid ADPycdtbwl-NbaHDM4ByIGKXGH7GhemhUswBy_PCljKcAFmvKvwpEPZM0O7tm6sYpJpg11b0fBHMaUdpHe4gO6nxCuZ-Ag x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39795 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "97c4966aa3958f542da2ce134da9c837" vary Accept-Encoding x-goog-generation 1689065396551413 x-goog-hash crc32c=CrRYnQ==, md5=l8SWaqOVj1Qtos4TTanINw== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable x-goog-stored-content-length 39795 accept-ranges bytes content-type application/javascript expires Tue, 23 Jul 2024 19:20:07 GMT
GET H2	200	app.config.js Show response www.qwell.io/config/	3 KB 3 KB	52ms 51ms	Script application/javascript	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/config/app.config.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dac3a779614b333a90e969054de25e609bfe4b14d6d41fbc12e0a183a1f0d171 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status BYPASS content-encoding br content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live x-envoy-upstream-service-time 1 last-modified Monday, 24-Jul-2023 19:20:07 UTC server cloudflare x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KFFNxGr8YaPwb%2F5QcnfX%2FuXfGkq4Avn9eSxcEQS%2Bq%2BjWuv1BTrNYChRRd7jeOlRv97R2CDw7kLAbht22Oc69qjHSLE3jdddsi6a%2Bl3fipJ1JwplUBwFnOtBk6PKM6OjxTfHgjdysB160Qw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0 cf-ray 7ebe84c8e8acdc21-LHR
GET H2	200	890.7989f19c0f6dce125108.bundle.js Show response www.qwell.io/tavern-static/	713 KB 177 KB	43ms 42ms	Script application/javascript	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/tavern-static/890.7989f19c0f6dce125108.bundle.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 65b0e2e4d495f467f3604be9ccae27795b604488e2c52ec402b65f9d6ab10b42 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live age 363159 content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-encoding br x-envoy-upstream-service-time 71 last-modified Thu, 20 Jul 2023 14:17:04 GMT server cloudflare etag W/"42619306a614a55a7a8444668b2add68" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LuDCIspF8IHpDhgSxHuO8cyw6v9VEVm1nKhOksM%2FMIXP3BF3IapcookW0BEHxoQjbESMKRM1MYcEDeZwcU6oR%2FRvPhReCzgvWVPxFanKkw%2FyHBykhVrMErxFGRk7r8cK2rRPkBmtXmeTJQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin https://www.qwell.io cache-control max-age=157680000,public access-control-allow-credentials true vary Accept-Encoding cf-ray 7ebe84c8e8b0dc21-LHR expires Tue, 18 Jul 2028 14:27:28 GMT
GET H2	200	main.7989f19c0f6dce125108.bundle.js Show response www.qwell.io/tavern-static/	1 MB 255 KB	41ms 40ms	Script application/javascript	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/tavern-static/main.7989f19c0f6dce125108.bundle.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4aa6820cf699035fcce704eb8a7ff5338dee2587b8f84e88d91a0f93c03f392c Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live age 363159 content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-encoding br x-envoy-upstream-service-time 66 last-modified Thu, 20 Jul 2023 14:17:06 GMT server cloudflare etag W/"3a3e951aea5d09a0cb351729c766fe54" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=crCF4BSEssEeTq8DEugUwhaok%2F10WH4vpnIMYLkP8rKtdYbt9Ce5pUn8s1K0nwFXkJqVccqbl%2FYheHyCcaL0k0EY83kV9dQ4%2FnXURGrbWi4F%2BquMLzurh8hbJv4NWqxwMviSGqat6W95Lw%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript access-control-allow-origin https://www.qwell.io cache-control max-age=157680000,public access-control-allow-credentials true vary Accept-Encoding cf-ray 7ebe84c8e8b2dc21-LHR expires Tue, 18 Jul 2028 14:27:28 GMT
GET H2	200	main.9eb5018a6c43c49683e4.css www.qwell.io/tavern-static/	65 KB 16 KB	42ms 41ms	Stylesheet text/css	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/tavern-static/main.9eb5018a6c43c49683e4.css Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a94a6dc7cf3b1ac9aa3fa3a1caf3b82fc14d50953d7e714cf6b3a51c2190fffc Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:07 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 2945358 content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-encoding br x-envoy-upstream-service-time 84 last-modified Tue, 20 Jun 2023 16:51:03 GMT server cloudflare etag W/"d68bb574dc67a34f2c95254ebd4df71b" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhiHRLRmlzGA%2FBhjULOJpraWKV9vEvMDGXFkw17833wCgi259sb6cn53LaDwpUfhEmKKwM8j7vZUFsy1Z7KyGcM0S93qDyMR8SItk2samVpqg9G4QkofSh9gTLIdU9MaRnl0x%2BJIUejoFA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=157680000,public cf-ray 7ebe84c8e8aedc21-LHR expires Sun, 18 Jun 2028 17:10:49 GMT
GET H2	200	css2 fonts.googleapis.com/	12 KB 916 B	153ms 56ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=Roboto:wght@400;700&display=swap Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 42d4fa568a30cb210455462755b49dec23c9948ab61169c13fb2e76275e598cc Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 24 Jul 2023 19:20:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 24 Jul 2023 19:20:07 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 24 Jul 2023 19:20:07 GMT
GET H2	200	css2 fonts.googleapis.com/	2 KB 1019 B	152ms 54ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@700&display=swap Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c402f71dd7ede3b109771cf89cba20eb26ba88702a87d24493e630cb31c66c34 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 24 Jul 2023 19:20:07 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 24 Jul 2023 18:27:37 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 24 Jul 2023 19:20:07 GMT
GET H2	200	react_v16-14-0.js storage.googleapis.com/kooth-assets-live/kooth/libraries/	0 5 KB	113ms 112ms	Other application/javascript	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/libraries/react_v16-14-0.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT content-encoding gzip age 0 x-guploader-uploadid ADPycdshNA_kpBEVDPEWA-YLzyosC6ViY2AlYaqVbMeI_EdsSuq02NIky-LPU0qESZB3pCW-EXY5A8NRluOKhgdlKOtNsw x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4908 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "63f0cd3845f0528030054244842cf99c" vary Accept-Encoding x-goog-generation 1689065396579509 x-goog-hash crc32c=rlwwBg==, md5=Y/DNOEXwUoAwBUJEhCz5nA== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable x-goog-stored-content-length 4908 accept-ranges bytes content-type application/javascript expires Tue, 23 Jul 2024 19:20:08 GMT
GET H2	200	react-dom_v16-14-0.js storage.googleapis.com/kooth-assets-live/kooth/libraries/	0 37 KB	90ms 90ms	Other application/javascript	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/libraries/react-dom_v16-14-0.js Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT content-encoding gzip age 0 x-guploader-uploadid ADPycds5pp3Bh538bMh-bhl1mYdl64m1bQ4xbI-LFm72h0GKYomwSKkQ3F9iutWo286a1u6LwxlenJfNu8bYoxflsoNjIw x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding gzip alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 37972 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "ef40093b7cb2d0a012dcc4991f76eab9" vary Accept-Encoding x-goog-generation 1689065396579799 x-goog-hash crc32c=2hOh0w==, md5=70AJO3yy0KAS3MSZH3bquQ== access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, immutable x-goog-stored-content-length 37972 accept-ranges bytes content-type application/javascript expires Tue, 23 Jul 2024 19:20:08 GMT
GET H2	200	670.a4cbf471e0eb21f253a9.css www.qwell.io/tavern-static/	5 KB 3 KB	60ms 60ms	Stylesheet text/css	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/main.7989f19c0f6dce125108.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cf42a9984fc18313f0f39cf77aa8e952202dcd7bbae69c7ac30c30975a70595d Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 362827 content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-encoding br x-envoy-upstream-service-time 102 last-modified Thu, 20 Jul 2023 14:17:04 GMT server cloudflare etag W/"a652d9ac82642c0bb38a30c9c1abe6dc" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y43JE26oCSFQnB7pc5tyzqzKgnXYBputWaK40L%2B4RjnwIy%2BOCBkl%2BwBXZLKIsPW9wIevwgxblG8uF2KARpWYvoeofX%2B0JTGVZjS3AK4%2F8AZ1LopB%2B%2FxDwn5drP2E5asaSg9VchaB1wwodg%3D%3D"}],"group":"cf-nel","max_age":604800} content-type text/css vary Accept-Encoding cache-control max-age=157680000,public cf-ray 7ebe84caebb0dc21-LHR expires Tue, 18 Jul 2028 14:33:01 GMT
GET H2	200	670.f011f072d698b847e0db.bundle.js Show response www.qwell.io/tavern-static/	112 B 535 B	52ms 52ms	Script application/javascript	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://www.qwell.io/tavern-static/670.f011f072d698b847e0db.bundle.js Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/main.7989f19c0f6dce125108.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 250ac9578e998b9456900ab2f020c9b210c7415002d2f9aebe849c43033373ce Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status HIT age 4112728 content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live content-encoding br x-envoy-upstream-service-time 52 last-modified Tue, 06 Jun 2023 08:53:38 GMT server cloudflare etag W/"84d384d91059941d1c1f28f9a89f1d15" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OF4Oeyw8dpaMtDJeAUm7CraGuBTeuG1tNojktxrO812GlrU34ofkJa0PjipX5QtfAkITMUuF4%2Bs%2BX%2B7QMt7tQ4SeKSUHTyGrnS7OqJcW4eC2gF6Yu%2FygYdcux5crRTsBNUuKFVXpBS15Ow%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript vary Accept-Encoding cache-control max-age=157680000,public cf-ray 7ebe84caebb2dc21-LHR expires Mon, 05 Jun 2028 04:54:40 GMT
GET H2	200	script.js Show response cdn.usefathom.com/	6 KB 2 KB	530ms 169ms	Script application/javascript	2400:52e0:1a01::907:1 BUNNYCDN
General Check archive.org Show headers Download Go to Full URL https://cdn.usefathom.com/script.js Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/main.7989f19c0f6dce125108.bundle.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::907:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-907 / Resource Hash 19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT content-encoding br cdn-edgestorageid 985 x-vapor-base64-encode True cdn-cachedat 07/24/2023 15:48:26 cdn-pullzone 506217 last-modified Mon, 24 Jul 2023 04:54:50 GMT server BunnyCDN-LA1-907 cdn-proxyver 1.04 cdn-requestpullcode 200 etag W/"d41d8cd98f00b204e9800998ecf8427e" vary Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cdn-cache HIT cdn-uid aa90c48b-f401-4fa1-aac1-c94c8f3ae560 cache-control public, max-age=0 cdn-requestid bb7c04e31d3d80cd0fd0a6fde6660e28 cdn-requestcountrycode GB cdn-status 200 cdn-requestpullsuccess True
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 097b72347f22babcdb541e14c5b29f5e0a2c6c5062507858eb65aa900bb4297b Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	integrations Show response cdn.segment.com/v1/projects/kEP43qgjAR9tLOjC2xLprMtD8bkz3XMA/	1 KB 925 B	181ms 51ms	Fetch application/json	99.86.8.175 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://cdn.segment.com/v1/projects/kEP43qgjAR9tLOjC2xLprMtD8bkz3XMA/integrations Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/890.7989f19c0f6dce125108.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.8.175 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-8-175.fra6.r.cloudfront.net Software AmazonS3 / Resource Hash 54dc62df1cb975917eff5236e58b2e41573f7214e932ce94d5e312769fa2bc68 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers x-amz-version-id WBdHH7EljCmofn__z3gRqQsOhJjPdcij content-encoding br via 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront) date Mon, 24 Jul 2023 19:20:08 GMT x-amz-cf-pop FRA6-C1 age 381 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Fri, 05 May 2023 13:07:31 GMT server AmazonS3 etag W/"50493c85cb28b53385abd5694e9c1154" access-control-max-age 3000 access-control-allow-methods GET, HEAD content-type application/json; charset=utf-8 access-control-allow-origin * cache-control public, max-age=10800 vary Accept-Encoding x-amz-cf-id BVwXskwH3kiXqBS6mqiZTUro2IlA6RPq0-3o6I6F_KbiJELYcdHo5g==
GET H2	200	config_v5.json Show response cdn-global.configcat.com/configuration-files/VTXYCB9NF0aKhf4U9viY0Q/93uUK8uwekqS0T8-WEgnuQ/	10 KB 4 KB	134ms 46ms	XHR application/json	2606:4700::6812:1c1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-global.configcat.com/configuration-files/VTXYCB9NF0aKhf4U9viY0Q/93uUK8uwekqS0T8-WEgnuQ/config_v5.json?sdk=ConfigCat-JS/m-6.0.1 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/890.7989f19c0f6dce125108.bundle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1c1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d63976d8974b224c82537bc03ab29de64fc9f11b61dfd3480a9519a101ac7287 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT content-encoding gzip cf-cache-status HIT last-modified Mon, 24 Jul 2023 15:39:53 GMT server cloudflare strict-transport-security max-age=31536000; includeSubDomains; preload age 578 etag W/"64be9b49-26ca" vary Accept-Encoding content-type application/json access-control-allow-origin * access-control-expose-headers Content-Length,Content-Range,ETag,Last-Modified,Date,Content-Encoding cache-control max-age=0, must-revalidate cf-ray 7ebe84cbf9e74889-LHR
GET H3	200	sarabun-semibold.woff2 storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/	19 KB 19 KB	316ms 185ms	Font font/woff2	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/sarabun-semibold.woff2 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash bff5661c5b6f9a3cebd8bab6d48aa91e301123f78f2d0ccc196eae4d3a40750c Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT age 0 x-guploader-uploadid ADPycducfIup2ol-WG_UJJy_7DYE8hv1FGy_rSHmcPcjtJqxn2GEskGTD9kmiPCjLG8tep6e_kwJ8eGZusSyqLyPsmO34w x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19436 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "1ac0d8b31ec0889bf84ae4759f1fc7c2" x-goog-generation 1689065396198782 x-goog-hash crc32c=IuXtEg==, md5=GsDYsx7AiJv4SuR1nx/Hwg== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000, immutable x-goog-stored-content-length 19436 accept-ranges bytes content-type font/woff2 expires Tue, 23 Jul 2024 19:20:08 GMT
GET H3	200	sarabun-bold.woff2 storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/	19 KB 19 KB	242ms 112ms	Font font/woff2	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/sarabun-bold.woff2 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 27d834aff66da6ea7b9878055eedd70505e18b5877e1449041672758aa540019 Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT age 0 x-guploader-uploadid ADPycdsNaPh0RO9t-SRErq1q0ksFpCFhbdIOr-z2rjyGJKmzmvf_fHUJvzyNTtHCU3z-XNF3Dy2blUnsuJwfdMiw3CXeZw x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19388 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "11c0daaea3044cae945a35e83bae755e" x-goog-generation 1689065396330261 x-goog-hash crc32c=3isHyg==, md5=EcDarqMETK6UWjXoO651Xg== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000, immutable x-goog-stored-content-length 19388 accept-ranges bytes content-type font/woff2 expires Tue, 23 Jul 2024 19:20:08 GMT
GET H3	200	sarabun-light.woff2 storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/	19 KB 19 KB	236ms 107ms	Font font/woff2	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/sarabun-light.woff2 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 5451cc2e7bf1cc5fa781e09aa3d7455ccbe13b555f7f945b7c1190f0a40cf963 Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT age 0 x-guploader-uploadid ADPycdvE_x7iCGYmgOS6Fwxa3seShzmd4D0RKiJklwWK83uaG0-g81kmGmQyzfMFr55YKxUPgqVJ9L75LLTVKdBDYpn1ZA x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19004 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "4fff4787dec7ca224c2240782984e7d1" x-goog-generation 1689065396230414 x-goog-hash crc32c=wteGTw==, md5=T/9Hh97HyiJMIkB4KYTn0Q== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000, immutable x-goog-stored-content-length 19004 accept-ranges bytes content-type font/woff2 expires Tue, 23 Jul 2024 19:20:08 GMT
GET H3	200	maitree-regular.woff2 storage.googleapis.com/kooth-assets-live/kooth/fonts/Maitree/	23 KB 23 KB	333ms 205ms	Font font/woff2	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/fonts/Maitree/maitree-regular.woff2 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash f1abb327250f3602f89007d3b2fa0d9329f9b2a8db28379700ee5a3ff41042cb Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT age 0 x-guploader-uploadid ADPycdsal1Q3l_Q032cZCTp1YpSUvURBEzMM-7bWubPqU0uV7Sf5JeHydl61gDfKRWXGEXqP3JCUWUqY9ZWgVtg1jXQPzg x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23916 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "73128fcc529d5844a6c24dbf71be35b3" x-goog-generation 1689065396189107 x-goog-hash crc32c=6wfwBw==, md5=cxKPzFKdWESmwk2/cb41sw== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000, immutable x-goog-stored-content-length 23916 accept-ranges bytes content-type font/woff2 expires Tue, 23 Jul 2024 19:20:08 GMT
GET H3	200	sarabun-regular.woff2 storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/	19 KB 19 KB	290ms 161ms	Font font/woff2	2a00:1450:4001:802::2010 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://storage.googleapis.com/kooth-assets-live/kooth/fonts/Sarabun/sarabun-regular.woff2 Requested by Host: www.qwell.io URL: https://www.qwell.io/tavern-static/670.a4cbf471e0eb21f253a9.css Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:802::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash 21a0789774858e21103632b5246948cf41ac42dc73043d2e92fba404d878ebd9 Request headers Referer https://www.qwell.io/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT age 0 x-guploader-uploadid ADPycdsJd7ctgRraMhRbk2bVFfb4ZPlZpszrKIQiFe4v2d9-aWk6eUHbvN0_QluVdGO9rHge71aOirfCHPM__VyuNk885Q x-goog-storage-class STANDARD x-goog-metageneration 3 x-goog-stored-content-encoding identity alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19212 last-modified Tue, 11 Jul 2023 08:49:56 GMT server UploadServer etag "7fb326c4c0ed8426c215aea1c5dd1c2d" x-goog-generation 1689065396356481 x-goog-hash crc32c=yBzeMQ==, md5=f7MmxMDthCbCFa6hxd0cLQ== access-control-allow-origin * access-control-expose-headers *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace cache-control public, max-age=31536000, immutable x-goog-stored-content-length 19212 accept-ranges bytes content-type font/woff2 expires Tue, 23 Jul 2024 19:20:08 GMT
GET H2	200	father_with_baby.jpg images.ctfassets.net/i5r6q3ilc9tq/2uZ8SXohK1fBuiY9sURZAp/19baf903a8568ba0ac6a01c8718cae0f/	10 KB 10 KB	190ms 67ms	Image image/webp	2600:9000:214f:7e00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/i5r6q3ilc9tq/2uZ8SXohK1fBuiY9sURZAp/19baf903a8568ba0ac6a01c8718cae0f/father_with_baby.jpg?fm=webp&w=364&fit=fill&h=221 Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 9e811ac91c34901a842ac439460480e8cf2800ece87dc86918cd4775325357a3 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 13:07:03 GMT via 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront) last-modified Mon, 10 Jul 2023 08:14:58 GMT server Contentful Images API x-amz-cf-pop FRA53-C1 age 22385 etag "32318a2b6727ab38743679c3dc04c49f" x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 9908 x-amz-cf-id nYG3uSIskkMmokN7ZMec6Zm81mUAWLnEfb0atfqCkxCDZty8ut3uMw==
GET H2	200	person_holding_phone_folder.jpg images.ctfassets.net/i5r6q3ilc9tq/6i7uq9H8U5uYgeiMOQvgMY/c0a150a466133c02a6cbcb1585d9e225/	9 KB 9 KB	197ms 74ms	Image image/webp	2600:9000:214f:7e00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/i5r6q3ilc9tq/6i7uq9H8U5uYgeiMOQvgMY/c0a150a466133c02a6cbcb1585d9e225/person_holding_phone_folder.jpg?fm=webp&w=364&fit=fill&h=221 Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash e39bac968658537225f733c76848a6e5c02a0aeeb67ba9089bfb3775a97aaf5e Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 13:07:03 GMT via 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront) last-modified Fri, 09 Jun 2023 20:07:09 GMT server Contentful Images API x-amz-cf-pop FRA53-C1 age 22385 etag "38927836a8609d3135cd009b8bf6bc5a" x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 8964 x-amz-cf-id e5jnIHbPzGK6On8zf40Rt8pEt2TTajVxrqtiqkUe7RsN2KZQfKOn3A==
GET H2	200	man_jog.jpg images.ctfassets.net/i5r6q3ilc9tq/1u6FvRGVTyZ5c9wooprrRh/a1495575aee0071b2db08b7177fa14a2/	5 KB 6 KB	192ms 69ms	Image image/webp	2600:9000:214f:7e00:12:94b3:c380:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://images.ctfassets.net/i5r6q3ilc9tq/1u6FvRGVTyZ5c9wooprrRh/a1495575aee0071b2db08b7177fa14a2/man_jog.jpg?fm=webp&w=364&fit=fill&h=221 Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:214f:7e00:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Contentful Images API / Resource Hash 9e2b53016e27c1160f28bd65b6b19f8ae5c97769f6026a0b6206aa1a4d3698a3 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 13:07:04 GMT via 1.1 110641d379117242a91443ac729d6dee.cloudfront.net (CloudFront) last-modified Mon, 24 Jul 2023 10:25:07 GMT server Contentful Images API x-amz-cf-pop FRA53-C1 age 22384 etag "e553d0bc4b0df0fb05471c4ff9219cc2" x-cache Hit from cloudfront content-type image/webp access-control-allow-origin * cache-control max-age=31536000 content-length 5516 x-amz-cf-id JUNpf_1DDt7lfdGQd9Mz7VIiRLl8Klc0UEBnXE51WR3GmWWeAKrzuw==
GET H2	200	logo.bacp.transparent.81bc8739c30419a0c3e6a8574d17cb74.png www.qwell.io/tavern-static/	19 KB 19 KB	43ms 42ms	Image image/png	2606:4700:20::681a:8c6 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://www.qwell.io/tavern-static/logo.bacp.transparent.81bc8739c30419a0c3e6a8574d17cb74.png Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::681a:8c6 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ec7e4ab5d918c6b15d825f953376c26775ebf5d3ac86700ec9e80cf59de6d91 Security Headers Name Value Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live Strict-Transport-Security max-age=15552000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:08 GMT via 1.1 google x-content-type-options nosniff strict-transport-security max-age=15552000 cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-security-policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live age 7704846 content-security-policy-report-only default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_test_environments_or_csp-report-only_header_in_live x-envoy-upstream-service-time 59 content-length 19270 last-modified Wed, 26 Apr 2023 10:03:21 GMT server cloudflare etag "379db364e380f72e76e3bc389d66e039" x-frame-options SAMEORIGIN report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vEWoYwmPAtf5Dghq44LVUxBobmejGcAEn1%2BCqrI0AaXJxkwGqs1e0fe1nrck08vKZAcKdf7bTh5DWAYNc%2FbGO9TnP%2BYjPpUcZtW7Z0DaezXsq1YrbxgkaeIMZQWICuVlx5xlDG%2FQ6L9LvQ%3D%3D"}],"group":"cf-nel","max_age":604800} content-type image/png vary Accept-Encoding cache-control max-age=157680000,public accept-ranges bytes cf-ray 7ebe84cc6dfddc21-LHR expires Mon, 24 Apr 2028 15:06:02 GMT
GET DATA	200 OK	truncated /	2 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 27ce4f1bd8bb062327da1c1b2d5049d1095b39ed398f946451cea999d03a3129 Request headers accept-language en-GB,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers Content-Type image/svg+xml;charset=utf-8
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 30 KB	173ms 55ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Tue, 18 Jul 2023 11:44:08 GMT x-content-type-options nosniff age 545760 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 17 Jul 2024 11:44:08 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	140ms 44ms	Font font/woff2	2a00:1450:4001:81c::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;600;700;800&family=Roboto:wght@400;700&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.qwell.io accept-language en-GB,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Sat, 22 Jul 2023 17:04:15 GMT x-content-type-options nosniff age 180953 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 21 Jul 2024 17:04:15 GMT
GET H2	200	/ cdn.usefathom.com/	43 B 426 B	795ms 795ms	Image image/gif	2400:52e0:1a01::907:1 BUNNYCDN
General Check archive.org Show headers Download Go to Show image Full URL https://cdn.usefathom.com/?h=https%3A%2F%2Fwww.qwell.io&p=%2F&r=&sid=CNIZONSC&qs=%7B%7D&cid=89762363 Requested by Host: www.qwell.io URL: https://www.qwell.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2400:52e0:1a01::907:1 Los Angeles, United States, ASN200325 (BUNNYCDN, SI), Reverse DNS Software BunnyCDN-LA1-907 / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language en-GB,en;q=0.9 Referer https://www.qwell.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36 Response headers date Mon, 24 Jul 2023 19:20:09 GMT cdn-edgestorageid 996 cdn-cachedat 07/24/2023 19:20:09 cdn-pullzone 506217 content-length 43 pragma no-cache server BunnyCDN-LA1-907 cdn-proxyver 1.04 cdn-requestpullcode 200 tk N content-type text/plain; charset=utf-8, image/gif cdn-cache MISS cdn-uid aa90c48b-f401-4fa1-aac1-c94c8f3ae560 cache-control public, max-age=0 cdn-requestid b13823cc7e1cc6d9d5ecf7da07c84699 cdn-requestcountrycode GB cdn-status 200 cdn-requestpullsuccess True

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| Localize object| React object| ReactDOM object| config object| webpackChunktavern object| __SENTRY__ object| __koothtavern__ function| applyFocusVisiblePolyfill object| fathom

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			www.qwell.io/	1969-12-31 23:59:59	Name: tracking-preferences Value: {"version":1,"destinations":{"Visual Tagger":false,"Google Cloud PubSub":false,"Mixpanel":false,"Mixpanel (Actions)":false,"Acuity":false},"chosen":false}

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	error	URL: https://storage.googleapis.com/kooth-assets-live/kooth/libraries/react-dom_v17-0-2.js(Line 14) Message: Error: <path> attribute d: Expected path command, "…23,1280,0v200H0z'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.acuityplatform.com challenges.cloudflare.com *.cloudfunctions.net *.configcat.com storage.googleapis.com cloudflare.hcaptcha.com cf-assets.hcaptcha.com *.kooth.com global.localizecdn.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; script-src-elem 'self' 'unsafe-inline' data: *.acuityplatform.com challenges.cloudflare.com storage.googleapis.com *.kooth.com global.localizecdn.com *.segment.com *.usefathom.com *.xenzonegroup.com; connect-src 'self' *.cloudfunctions.net *.configcat.com *.kooth.com global.localizecdn.com *.localizejs.com *.segment.com *.segment.io *.sentry.io *.usefathom.com *.xenzonegroup.com wss://*.xenzonegroup.com; img-src * data:; media-src * data:; style-src 'self' 'unsafe-inline' fonts.googleapis.com; font-src * data: chrome-extension: moz-extension: safari-web-extension:; frame-src 'self' vimeo.com *.vimeo.com challenges.cloudflare.com; object-src 'none'; report-uri https://o367623.ingest.sentry.io/api/5691169/security/?sentry_key=d228aa23f64c4234b0ed98ff46a429d3?sentry_environment=csp_header_in_live
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-global.configcat.com
cdn.segment.com
cdn.usefathom.com
fonts.googleapis.com
fonts.gstatic.com
global.localizecdn.com
images.ctfassets.net
storage.googleapis.com
www.qwell.io
2400:52e0:1a01::907:1
2600:9000:214f:7e00:12:94b3:c380:93a1
2606:4700:10::6816:18a6
2606:4700:20::681a:8c6
2606:4700::6812:1c1f
2a00:1450:4001:802::2010
2a00:1450:4001:81c::2003
2a00:1450:4001:828::200a
99.86.8.175
097b72347f22babcdb541e14c5b29f5e0a2c6c5062507858eb65aa900bb4297b
19ddbd3f35a8f49ec6c6b5074c782c5b9324b8fda7859ee5f632d10e95c02e81
21a0789774858e21103632b5246948cf41ac42dc73043d2e92fba404d878ebd9
250ac9578e998b9456900ab2f020c9b210c7415002d2f9aebe849c43033373ce
27ce4f1bd8bb062327da1c1b2d5049d1095b39ed398f946451cea999d03a3129
27d834aff66da6ea7b9878055eedd70505e18b5877e1449041672758aa540019
2cfc5e6359c20684c7c942ecff1159203e5461639ba8977715ab9d57679cdb3c
42d4fa568a30cb210455462755b49dec23c9948ab61169c13fb2e76275e598cc
4aa6820cf699035fcce704eb8a7ff5338dee2587b8f84e88d91a0f93c03f392c
5451cc2e7bf1cc5fa781e09aa3d7455ccbe13b555f7f945b7c1190f0a40cf963
54dc62df1cb975917eff5236e58b2e41573f7214e932ce94d5e312769fa2bc68
65b0e2e4d495f467f3604be9ccae27795b604488e2c52ec402b65f9d6ab10b42
7ec7e4ab5d918c6b15d825f953376c26775ebf5d3ac86700ec9e80cf59de6d91
93b3ec9b71d6f98100eb200c98db71d8cdaeb21e6871f8d2d6a014a59bdd9e7b
9e2b53016e27c1160f28bd65b6b19f8ae5c97769f6026a0b6206aa1a4d3698a3
9e811ac91c34901a842ac439460480e8cf2800ece87dc86918cd4775325357a3
a94a6dc7cf3b1ac9aa3fa3a1caf3b82fc14d50953d7e714cf6b3a51c2190fffc
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b46bf0cfcf02d3a7bd93ec7599956c2555127a5f81f27ec57c3346bf7c9bf473
bff5661c5b6f9a3cebd8bab6d48aa91e301123f78f2d0ccc196eae4d3a40750c
c402f71dd7ede3b109771cf89cba20eb26ba88702a87d24493e630cb31c66c34
cf42a9984fc18313f0f39cf77aa8e952202dcd7bbae69c7ac30c30975a70595d
d63976d8974b224c82537bc03ab29de64fc9f11b61dfd3480a9519a101ac7287
dac3a779614b333a90e969054de25e609bfe4b14d6d41fbc12e0a183a1f0d171
e39bac968658537225f733c76848a6e5c02a0aeeb67ba9089bfb3775a97aaf5e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f1abb327250f3602f89007d3b2fa0d9329f9b2a8db28379700ee5a3ff41042cb
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f739d90cd40b4a1b21514c867c41b2ae210f25d80e987f99c0103e74193cb8e4