bellinimarketingj35.sg-host.com Open in urlscan Pro
35.212.56.225 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bellinimarketingj35.sg-host.com/
Submission: On January 18 via api (January 18th 2024, 3:45:08 pm UTC) from US — Scanned from US

Summary HTTP 105 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 15 IPs in 1 countries across 11 domains to perform 105 HTTP transactions. The main IP is 35.212.56.225, located in Washington, United States and belongs to GOOGLE, US. The main domain is bellinimarketingj35.sg-host.com.
TLS certificate: Issued by R3 on January 16th 2024. Valid for: 3 months.

This is the only time bellinimarketingj35.sg-host.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	35.212.56.225 35.212.56.225	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c1b::61	15169 (GOOGLE) (GOOGLE)
13	18.239.183.125 18.239.183.125	16509 (AMAZON-02) (AMAZON-02)
6 12	54.188.145.51 54.188.145.51	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4004:c17::8a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4004:c06::5f	15169 (GOOGLE) (GOOGLE)
9	2600:9000:210... 2600:9000:2105:3800:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
3	18.239.176.180 18.239.176.180	16509 (AMAZON-02) (AMAZON-02)
9	18.239.168.95 18.239.168.95	16509 (AMAZON-02) (AMAZON-02)
12	2600:1901:0:7... 2600:1901:0:7a0b::	() ()
9	54.187.119.242 54.187.119.242	() ()
6	151.101.64.176 151.101.64.176	() ()
6	18.161.21.4 18.161.21.4	() ()
3	54.201.135.255 54.201.135.255	() ()
105	15

9 35.212.56.225 (Washington, United States)

ASN15169 (GOOGLE, US)
PTR: 225.56.212.35.bc.googleusercontent.com

bellinimarketingj35.sg-host.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c1b::61 (Washington, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 18.239.183.125 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-183-125.bos50.r.cloudfront.net

widget-cdn.simplepractice.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.188.145.51 (Boardman, United States) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-188-145-51.us-west-2.compute.amazonaws.com

helmhealthandwellness.clientsecure.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
spwidget-helmhealthandwellness.clientsecure.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c17::8a (Washington, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4004:c06::5f (Washington, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2105:3800:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.239.176.180 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-176-180.bos50.r.cloudfront.net

d2wy8f7a9ursnm.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.239.168.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-239-168-95.bos50.r.cloudfront.net

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1901:0:7a0b:: (None, )

ASN- ()

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 54.187.119.242 (None, )

ASN- ()

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.64.176 (None, )

ASN- ()

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 18.161.21.4 (None, )

ASN- ()

consent.api.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.201.135.255 (None, )

ASN- ()

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	stripe.com js.stripe.com — Cisco Umbrella Rank: 1227 q.stripe.com m.stripe.com	447 KB
15	osano.com cmp.osano.com — Cisco Umbrella Rank: 5210 consent.api.osano.com	199 KB
13	simplepractice.com widget-cdn.simplepractice.com — Cisco Umbrella Rank: 118956	2 MB
12	bugsnag.com sessions.bugsnag.com	373 B
12	clientsecure.me 6 redirects helmhealthandwellness.clientsecure.me spwidget-helmhealthandwellness.clientsecure.me	488 KB
9	sg-host.com bellinimarketingj35.sg-host.com	733 KB
6	stripe.network m.stripe.network	48 KB
3	cloudfront.net d2wy8f7a9ursnm.cloudfront.net	41 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	223 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	266 B
105	11

	Domain	Requested by
13	widget-cdn.simplepractice.com	bellinimarketingj35.sg-host.com spwidget-helmhealthandwellness.clientsecure.me
12	sessions.bugsnag.com	d2wy8f7a9ursnm.cloudfront.net
9	q.stripe.com	bellinimarketingj35.sg-host.com
9	js.stripe.com	spwidget-helmhealthandwellness.clientsecure.me cmp.osano.com js.stripe.com
9	cmp.osano.com	spwidget-helmhealthandwellness.clientsecure.me cmp.osano.com
9	spwidget-helmhealthandwellness.clientsecure.me	3 redirects widget-cdn.simplepractice.com
9	bellinimarketingj35.sg-host.com	bellinimarketingj35.sg-host.com
6	consent.api.osano.com	cmp.osano.com
6	m.stripe.network	js.stripe.com m.stripe.network
3	m.stripe.com	m.stripe.network
3	d2wy8f7a9ursnm.cloudfront.net	spwidget-helmhealthandwellness.clientsecure.me
3	fonts.googleapis.com	spwidget-helmhealthandwellness.clientsecure.me
3	helmhealthandwellness.clientsecure.me	3 redirects
3	www.googletagmanager.com	bellinimarketingj35.sg-host.com www.googletagmanager.com
1	www.google-analytics.com	www.googletagmanager.com
105	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
helmhealthandwellness.clientsecure.me

Subject Issuer	Validity	Valid
bellinimarketingj35.sg-host.com R3	`2024-01-16` - `2024-04-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
widget-cdn.simplepractice.com Amazon RSA 2048 M02	`2023-05-11` - `2024-06-08`	a year	crt.sh
prod.simplepractice.com Amazon RSA 2048 M02	`2023-07-10` - `2024-08-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.osano.com Amazon RSA 2048 M03	`2023-10-18` - `2024-11-15`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2024-01-02` - `2024-04-04`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-19` - `2024-04-12`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-12-20` - `2024-03-21`	3 months	crt.sh
*.api.osano.com Amazon RSA 2048 M03	`2023-09-27` - `2024-10-25`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-22` - `2024-03-21`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://bellinimarketingj35.sg-host.com/
Frame ID: 91535D34E11A82D65923A5DC1C7F9205
Requests: 24 HTTP requests in this frame

Frame: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Frame ID: 95B1981B18561C9726FEBF1B0E66DA20
Requests: 14 HTTP requests in this frame

Frame: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Frame ID: 6FF456B276A61114E841D5E55155FE64
Requests: 14 HTTP requests in this frame

Frame: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Frame ID: D29883EE2C7E6F7C9A97593815F1CBBE
Requests: 14 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 87467AFD1F1EF446007070ADFB3033EC
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: D6468EED1D8C4FEE1AF8D025C6C84184
Requests: 4 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 5CEAF71CCA032D2C601A64B497A7C137
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 70F2F021305D4F537282777E4532C7E3
Requests: 4 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 0528D88B4671E36BB60104EC51F47258
Requests: 1 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
Frame ID: 2ABA48D634FD0597684BD22E5E575BD1
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: AFF47BAFCA954D79F275E48C65B512C8
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 24FA4B6C0A4401F6516D1B41D2843F1E
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 59DE308DB4C3AE9D140D2A8EDFC39F78
Requests: 4 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: D822CBBF88EB4E1352A21DEBA4622609
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: 383DB389CA19537EB7BBB26472EDF3A7
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: E5BACC896B4C01858B95130A7CDFE588
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Helm Health and Wellness - Telehealth Services, Weight loss

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

BugSnag (Analytics) Expand

Overall confidence: 100%
Detected patterns

/bugsnag.*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Page Statistics

105
Requests

88 %
HTTPS

36 %
IPv6

11
Domains

15
Subdomains

15
IPs

1
Countries

4704 kB
Transfer

18548 kB
Size

2
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/helmhealthandwellness
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/helmhealth
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/helmhealthandwellness/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://helmhealthandwellness.clientsecure.me/
Title: Request Appointment

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D HTTP 302
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450 HTTP 307
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Request Chain 13

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D HTTP 302
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450 HTTP 307
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Request Chain 15

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6d505b&appearance=%7B%22fullScreen%22%3Atrue%7D HTTP 302
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450 HTTP 307
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

105 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bellinimarketingj35.sg-host.com/ 118 KB
21 KB 198ms
65ms Document
text/html 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1ad1452b79fa9386908179181c37356cc9c3b27dbc6e606f45661653cdb1346a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 18 Jan 2024 15:44:56 GMT
host-header: 6b7412fb82ca5edfd0917e3957f05d89
last-modified: Thu, 18 Jan 2024 08:28:21 GMT
server: nginx
vary: Accept-Encoding
wpo-cache-status: cached
x-httpd-modphp: 1
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
81 KB 444ms
57ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QPY2FX6RDD

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b28b8be47bea2704c4a56b0d0dc546471f01f33f95a27450b89939f05c7e14e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82070
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 15:44:57 GMT

GET
H2 200 widget-icon-list.min.css
bellinimarketingj35.sg-host.com/wp-content/plugins/elementor/assets/css/ 10 KB
1 KB 353ms
352ms Stylesheet
text/css 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/plugins/elementor/assets/css/widget-icon-list.min.css
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:56 GMT
content-encoding: br
last-modified: Thu, 04 Jan 2024 16:49:46 GMT
server: nginx
etag: W/"26c1-60e2184dc3e80"
vary: Accept-Encoding
content-type: text/css
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 widget-nav-menu.min.css
bellinimarketingj35.sg-host.com/wp-content/plugins/elementor-pro/assets/css/ 26 KB
3 KB 354ms
353ms Stylesheet
text/css 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/plugins/elementor-pro/assets/css/widget-nav-menu.min.css
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 13aeab1a9428e836ba301e52fba70d550acded1922af4b2c0d81613e869b846a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:56 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 23:08:59 GMT
server: nginx
etag: W/"6760-60f1837258255"
vary: Accept-Encoding
content-type: text/css
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 integration-1.0.js Show response
widget-cdn.simplepractice.com/assets/ 8 KB
3 KB 458ms
33ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/integration-1.0.js
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7a0a02c1cac6dadd50c7918e5dd7157c0bbd09c97596a84fdadc2b6cd4e0b8f7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:30:56 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 987
x-amz-server-side-encryption: AES256
etag: W/"1003971b337eab5071a6ad78b8dac671"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600, public
x-amz-cf-id: hz0itJqhavIjzYqhzNjIt4QbHtHBSs7y045JqxcOqSaPGVZhaMeA9w==

GET
H2 200 widget-call-to-action.min.css
bellinimarketingj35.sg-host.com/wp-content/plugins/elementor-pro/assets/css/ 8 KB
1 KB 43ms
41ms Stylesheet
text/css 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/plugins/elementor-pro/assets/css/widget-call-to-action.min.css
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a79c5816c93d811bd626a9810d95b806b667decbf26823554a07f33a5a37354c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
content-encoding: br
last-modified: Tue, 16 Jan 2024 23:08:59 GMT
server: nginx
etag: W/"21ba-60f183725a57d"
vary: Accept-Encoding
content-type: text/css
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET
H2 200 widget-icon-box.min.css
bellinimarketingj35.sg-host.com/wp-content/plugins/elementor/assets/css/ 10 KB
846 B 44ms
43ms Stylesheet
text/css 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/plugins/elementor/assets/css/widget-icon-box.min.css
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3dba62d760768a577980a6abea886219a68630f3903bb43828ab1190245d83e9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
content-encoding: br
last-modified: Thu, 04 Jan 2024 16:49:46 GMT
server: nginx
etag: W/"2775-60e2184dc3e80"
vary: Accept-Encoding
content-type: text/css
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache: HIT

GET wpo-minify-header-cbcc6002.min.css
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET wpo-minify-header-1bcc1a02.min.js
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 176 KB
62 KB 155ms
144ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PK2F65JD

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbfb3945daa25e9f7c73d9c0575953e803419bfc31cfe9737f853f44bc65ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63705
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 18 Jan 2024 15:44:57 GMT

GET hh_horiz_grey_r_heart.png
bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/ 0
0

GET
H2 200 close-up-view-of-the-dry-flowers-2023-11-27-05-09-20-utc-1.jpg
bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/ 145 KB
146 KB 43ms
42ms Image
image/jpeg 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/close-up-view-of-the-dry-flowers-2023-11-27-05-09-20-utc-1.jpg
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 93cae3058dedba71d57fc8af7e51d3ea6f5cedf075dbb45115a3fdda5349f860

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
last-modified: Wed, 03 Jan 2024 15:46:04 GMT
server: nginx
etag: "24557-60e0c8335c700"
content-type: image/jpeg
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 148823
x-proxy-cache: HIT

GET
H2

200

service Show response
spwidget-helmhealthandwellness.clientsecure.me/widget/ Frame 95B1
Redirect Chain

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6...
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

533 KB
161 KB

307ms
306ms

Document
text/html

54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/integration-1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ca6e9a52a1e2dea1dc804ea3b71a7878f89ddbd17073305bc90b515a2aae7718

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bellinimarketingj35.sg-host.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:58 GMT
etag: W/"85287-sE1AcfO8cw65GPXXasb7Ja/EIT4"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 228
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:57 GMT
etag: W/"e4-LcK6f0pGzPf0VCYqyL8ZEdeCHp4"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
x-content-type-options: nosniff

GET Untitled-design-10-1.jpg
bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/ 0
0

GET
H2

200

service Show response
spwidget-helmhealthandwellness.clientsecure.me/widget/ Frame 6FF4
Redirect Chain

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6...
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

533 KB
161 KB

401ms
400ms

Document
text/html

54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/integration-1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

782ed0ca3156470a4791ecb64d5eb86f1cb4b62aea5df0dcfb7f908b08406358

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bellinimarketingj35.sg-host.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:58 GMT
etag: W/"85287-pxL7vv5ZxAOxY3Tg1F6Skj7ypHg"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 228
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:57 GMT
etag: W/"e4-LcK6f0pGzPf0VCYqyL8ZEdeCHp4"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
x-content-type-options: nosniff

GET image-2023-06-02T110221.472.webp
bellinimarketingj35.sg-host.com/wp-content/uploads/2023/06/ 0
0

GET
H2

200

service Show response
spwidget-helmhealthandwellness.clientsecure.me/widget/ Frame D298
Redirect Chain

https://helmhealthandwellness.clientsecure.me/widget-redirect?scopeId=55f2f69e-f819-46d7-8db4-d570ec3441ce&scopeGlobal=true&applicationId=7c72cb9f9a9b913654bb89d6c7b4e71a77911b30192051da35384b4d0c6...
https://spwidget-helmhealthandwellness.clientsecure.me/widget/clinician?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

533 KB
161 KB

399ms
399ms

Document
text/html

54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/integration-1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

f41b670d337cd63286355e154b6d7a4910e5aaea9383afdb634d9eed82083d10

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bellinimarketingj35.sg-host.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:58 GMT
etag: W/"85287-oy1mjX5e3mWS5Y+YZpHCGP5kl1I"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff

Redirect headers

content-length: 228
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:44:57 GMT
etag: W/"e4-LcK6f0pGzPf0VCYqyL8ZEdeCHp4"
location: /widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
server: nginx
x-content-type-options: nosniff

GET wpo-minify-footer-82cb230a.min.css
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET hh_wheel_r_heart_lg.png
bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/ 0
0

GET wpo-minify-footer-a11f619b.min.js
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET wpo-minify-footer-07b3197d.min.js
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET wpo-minify-footer-066e1207.min.js
bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/ 0
0

GET
H2 200 wooden-spoons-on-the-blue-table-2023-11-27-05-26-13-utc.jpg
bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/ 294 KB
295 KB 39ms
37ms Image
image/jpeg 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/wooden-spoons-on-the-blue-table-2023-11-27-05-26-13-utc.jpg
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4014ae02b93f683f450837adfd916da77ff79f61cd3126613e7361808c6da83c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
last-modified: Wed, 03 Jan 2024 16:06:51 GMT
server: nginx
etag: "49817-60e0ccd897cc0"
content-type: image/jpeg
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 301079
x-proxy-cache: HIT

GET
H2 200 stethoscope-on-the-beige-background-2023-11-27-04-57-48-utc.jpg
bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/ 58 KB
59 KB 40ms
39ms Image
image/jpeg 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/stethoscope-on-the-beige-background-2023-11-27-04-57-48-utc.jpg
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f14dea5b4a9867bd1c9bb624645c3c97a6dc48991bcfc6a3f24cdf5149a5b20b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
last-modified: Wed, 03 Jan 2024 16:06:39 GMT
server: nginx
etag: "e99d-60e0cccd261c0"
content-type: image/jpeg
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 59805
x-proxy-cache: HIT

GET
H2 200 Screenshot202023-12-1920at2011.14.4320AM.png
bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/ 206 KB
207 KB 40ms
39ms Image
image/png 35.212.56.225
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/Screenshot202023-12-1920at2011.14.4320AM.png
Requested by: Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.212.56.225 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.56.212.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 90517fcd8932f4f093aa089308112a9f6c93408583b133fd36c939190741933a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
last-modified: Wed, 03 Jan 2024 16:06:57 GMT
server: nginx
etag: "3393c-60e0ccde50a40"
content-type: image/png
x-httpd-modphp: 1
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 211260
x-proxy-cache: HIT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 230 KB
80 KB 44ms
44ms Script
application/javascript 2607:f8b0:4004:c1b::61
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-QPY2FX6RDD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PK2F65JD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::61 Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d3e57170959b03410110b81b17f389185be767630a7c4249224338fd99a17fd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 18 Jan 2024 15:44:57 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
266 B 105ms
39ms Ping
text/plain 2607:f8b0:4004:c17::8a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-QPY2FX6RDD&gtm=45je41a0v9138025255z89172649783&_p=1705592697228&gcd=11l1l1l1l1&dma=0&cid=531165815.1705592698&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705592697&sct=1&seg=0&dl=https%3A%2F%2Fbellinimarketingj35.sg-host.com%2F&dt=Helm%20Health%20and%20Wellness%20-%20Telehealth%20Services%2C%20Weight%20loss&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=879
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-QPY2FX6RDD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c17::8a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://bellinimarketingj35.sg-host.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Jan 2024 15:44:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bellinimarketingj35.sg-host.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 95B1 5 KB
1 KB 108ms
41ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:10:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:44:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame D298 5 KB
721 B 431ms
429ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:13:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:44:58 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 6FF4 5 KB
721 B 427ms
426ms Stylesheet
text/css 2607:f8b0:4004:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600&display=swap

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 18 Jan 2024 15:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 14:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Jan 2024 15:44:58 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/ Frame 6FF4 246 KB
64 KB 156ms
78ms Script
application/javascript 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

37b17568df9546aa17d1f03e231caab311914d7abdc3bf0aded2c1a3554cae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:20:48 GMT
content-encoding: br
via: 1.1 13d3731e042da4eb724047055086bf24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: BOS50-C3
age: 5143
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64615
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 14:10:10 GMT
server: CloudFront
etag: "3bf5e91d7045a544a0b3293fe6f57b10"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: 2jj7yHX9X4GLs-C1ISL9zD8QibFmfb4tH149A6BkvnOWQk2hJD1miA==

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v7/ Frame 6FF4 43 KB
14 KB 116ms
38ms Script
application/javascript 18.239.176.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.176.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-176-180.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d53bef875b7e1926eb753126cb7642ba4062bcdcefe3a18b8f8f0cf065a1456

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 14:30:35 GMT
x-amz-version-id: sSk5E13ddwhz9zAO_AGbWsvLboUh70RJ
Content-Encoding: gzip
Via: 1.1 9773a5091daf4b94a65f88adf32fd1fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1300465
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 03 Jan 2024 14:30:27 GMT
Server: AmazonS3
ETag: W/"7ce4f6a9a92966accdb56b4260f1c8c7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: rSppazLJHQ_1ATxOCKCpk3v04rMgGTjHCq7YSc18W8Hfq3prNC0O-A==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 6FF4 585 KB
144 KB 268ms
152ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:29 GMT
content-encoding: br
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 30
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
last-modified: Thu, 18 Jan 2024 05:59:06 GMT
server: Cloudfront
etag: W/"7186d200916e5464e2e931eb575481e8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: qiQk-2sLpwDocQiTvqIA4ADBSB7_tu9THM9-BmiN3G02C7wHThdsZg==

GET
H2 200 vendor-81de8f8891e891b4cc3e56fbe758aaa7.js Show response
widget-cdn.simplepractice.com/assets/ Frame 6FF4 2 MB
450 KB 41ms
40ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceda30b2f3dce6b695d665b7713fd6c2c47bcdab8031204a7d5fa413b6b7538b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 16:24:17 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 16:24:01 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 775243
etag: W/"b4877c110e767217e34408dba0840ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: jKw6FdJyePht8qNeSjwb0YT4FX7QLzi9W784z0KllVurPQSNN2kGzw==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.765.14cfcc67d998afc14df4.js Show response
widget-cdn.simplepractice.com/assets/ Frame 6FF4 789 KB
184 KB 171ms
170ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.765.14cfcc67d998afc14df4.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac485d05321d9c18d96599c1d0283e058a43128775f64970a31737195f085024

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:42:48 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 21:42:34 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 756131
etag: W/"f09a4396fbe032397ee333753579bdbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: NMDw32dgp7eIp_de4T3YCzmL3cm3zzrUoscF18Qb83fhl6MO3bBiJA==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.143.6d4c3603344b16a068c8.js Show response
widget-cdn.simplepractice.com/assets/ Frame 6FF4 30 KB
6 KB 169ms
168ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.143.6d4c3603344b16a068c8.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b2de0437f34622407e28cd5796ec5b0b9aa01f228bbbb76ffeef624dbdb5c8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"797303b1b3df4aec3d9a2e1625c43aee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: MLYAvLVx-TAVTTy-TK94Qu1hUKKOIKLBlbJuElw9VL-oA18Bfvme-w==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 client-portal-01eea45090510305c8a65ff6f23daa18.js Show response
widget-cdn.simplepractice.com/assets/ Frame 6FF4 1 MB
200 KB 183ms
182ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/client-portal-01eea45090510305c8a65ff6f23daa18.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1affe6972daf772fe55bca18d1dea39b6548cec9cd6440f0e88c1be10ac7f7b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"074bd1f20b4a66479e07c65b4bccbc74"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: Wd4aSuVioENtlxY7Gvzo0aFXImgQrV-7SjRUE0pPisQ3omb6nhuUbg==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/ Frame 95B1 246 KB
64 KB 55ms
38ms Script
application/javascript 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

37b17568df9546aa17d1f03e231caab311914d7abdc3bf0aded2c1a3554cae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:20:48 GMT
content-encoding: br
via: 1.1 13d3731e042da4eb724047055086bf24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: BOS50-C3
age: 5143
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64615
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 14:10:10 GMT
server: CloudFront
etag: "3bf5e91d7045a544a0b3293fe6f57b10"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: W1Ijit8xak6gZX3DxXU-GOZ-QlxA94u1D59-dAT5h9Q-a3WpKZg6vg==

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v7/ Frame 95B1 43 KB
14 KB 106ms
48ms Script
application/javascript 18.239.176.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.176.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-176-180.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d53bef875b7e1926eb753126cb7642ba4062bcdcefe3a18b8f8f0cf065a1456

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 14:30:35 GMT
x-amz-version-id: sSk5E13ddwhz9zAO_AGbWsvLboUh70RJ
Content-Encoding: gzip
Via: 1.1 9773a5091daf4b94a65f88adf32fd1fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1300465
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 03 Jan 2024 14:30:27 GMT
Server: AmazonS3
ETag: W/"7ce4f6a9a92966accdb56b4260f1c8c7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: hHr9ciprMGlzCgIqJVxXqzISYKwpbpMAz40nqPa3ZYgx7U2Yha_M5w==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame 95B1 585 KB
144 KB 95ms
44ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:29 GMT
content-encoding: br
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 30
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
last-modified: Thu, 18 Jan 2024 05:59:06 GMT
server: Cloudfront
etag: W/"7186d200916e5464e2e931eb575481e8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: d7ea3l1Af7ydxwn5HDQ_E4CseHXRJqDSQqvblpGzhjWwYdrV3RRusw==

GET
H2 200 vendor-81de8f8891e891b4cc3e56fbe758aaa7.js Show response
widget-cdn.simplepractice.com/assets/ Frame 95B1 2 MB
450 KB 133ms
132ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceda30b2f3dce6b695d665b7713fd6c2c47bcdab8031204a7d5fa413b6b7538b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 16:24:17 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 16:24:01 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 775243
etag: W/"b4877c110e767217e34408dba0840ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: IRAqIfPuSswK0w-su4a54mbtfkQDFh0ZHc-4l-z7bFPjKEA-iMiMBQ==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.765.14cfcc67d998afc14df4.js Show response
widget-cdn.simplepractice.com/assets/ Frame 95B1 789 KB
184 KB 144ms
144ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.765.14cfcc67d998afc14df4.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac485d05321d9c18d96599c1d0283e058a43128775f64970a31737195f085024

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:42:48 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 21:42:34 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 756131
etag: W/"f09a4396fbe032397ee333753579bdbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: 2NlCy_F3HaGDbgipMgW5_oGwxhUWLuhBcwAwEma7Q4bCdfqVbktsYg==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.143.6d4c3603344b16a068c8.js Show response
widget-cdn.simplepractice.com/assets/ Frame 95B1 30 KB
6 KB 144ms
144ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.143.6d4c3603344b16a068c8.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b2de0437f34622407e28cd5796ec5b0b9aa01f228bbbb76ffeef624dbdb5c8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"797303b1b3df4aec3d9a2e1625c43aee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: ItRwixIDjrKP-7zG2Gq6gqzAr2n_eIB1dwejHx1cLCtkio9qQ7_w5w==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 client-portal-01eea45090510305c8a65ff6f23daa18.js Show response
widget-cdn.simplepractice.com/assets/ Frame 95B1 1 MB
200 KB 144ms
143ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/client-portal-01eea45090510305c8a65ff6f23daa18.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1affe6972daf772fe55bca18d1dea39b6548cec9cd6440f0e88c1be10ac7f7b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"074bd1f20b4a66479e07c65b4bccbc74"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: 6Kr25_47w5-0LYJO0yTvcLx4aN3iVgdmBWKR4hboaxXV1Tmz-XYx9g==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 osano.js Show response
cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/ Frame D298 246 KB
64 KB 80ms
80ms Script
application/javascript 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

37b17568df9546aa17d1f03e231caab311914d7abdc3bf0aded2c1a3554cae82

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:20:48 GMT
content-encoding: br
via: 1.1 13d3731e042da4eb724047055086bf24.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-amz-cf-pop: BOS50-C3
age: 5143
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 64615
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 12 Jan 2024 14:10:10 GMT
server: CloudFront
etag: "3bf5e91d7045a544a0b3293fe6f57b10"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: MAS0Yr1hkKgObcnuZj9W9y46advEFUPG6w-46UqF2axFdk-r8OLLxw==

GET
H/1.1 200
OK bugsnag.min.js Show response
d2wy8f7a9ursnm.cloudfront.net/v7/ Frame D298 43 KB
14 KB 56ms
35ms Script
application/javascript 18.239.176.180
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.176.180 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-176-180.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7d53bef875b7e1926eb753126cb7642ba4062bcdcefe3a18b8f8f0cf065a1456

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Wed, 03 Jan 2024 14:30:35 GMT
x-amz-version-id: sSk5E13ddwhz9zAO_AGbWsvLboUh70RJ
Content-Encoding: gzip
Via: 1.1 e1f917b36e487366392dda44fb2783ee.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: BOS50-P4
Age: 1300465
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 03 Jan 2024 14:30:27 GMT
Server: AmazonS3
ETag: W/"7ce4f6a9a92966accdb56b4260f1c8c7"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: public, max-age=315360000
X-Amz-Cf-Id: 9uOE8yGh55ZKoYaPOKXspayfVC5guN6qhs0yz2XpjSd1lsuw0cCGOQ==

GET
H2 200 / Show response
js.stripe.com/v3/ Frame D298 585 KB
144 KB 131ms
121ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 15:44:29 GMT
content-encoding: br
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
age: 30
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
last-modified: Thu, 18 Jan 2024 05:59:06 GMT
server: Cloudfront
etag: W/"7186d200916e5464e2e931eb575481e8"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
timing-allow-origin: *
x-amz-cf-id: XXou6N3uhoo-oYm6koyxueIoHbGDvfhfpaftJ94zCMGrdPQwG0VQxQ==

GET
H2 200 vendor-81de8f8891e891b4cc3e56fbe758aaa7.js Show response
widget-cdn.simplepractice.com/assets/ Frame D298 2 MB
450 KB 105ms
104ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ceda30b2f3dce6b695d665b7713fd6c2c47bcdab8031204a7d5fa413b6b7538b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 16:24:17 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 16:24:01 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 775243
etag: W/"b4877c110e767217e34408dba0840ab1"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: kPNRmfkWtyjfDNS0I3G6eQFS7dFx74ysqWUQSdCgk5jHwNAWNES1iw==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.765.14cfcc67d998afc14df4.js Show response
widget-cdn.simplepractice.com/assets/ Frame D298 789 KB
184 KB 104ms
103ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.765.14cfcc67d998afc14df4.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ac485d05321d9c18d96599c1d0283e058a43128775f64970a31737195f085024

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:42:48 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 09 Jan 2024 21:42:34 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 756131
etag: W/"f09a4396fbe032397ee333753579bdbe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: CIcxywdXpvfvh-Qpv0QO-n2ApWTvWLEdQoX_X8ggqToAfWqechxbDA==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 chunk.143.6d4c3603344b16a068c8.js Show response
widget-cdn.simplepractice.com/assets/ Frame D298 30 KB
6 KB 102ms
94ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/chunk.143.6d4c3603344b16a068c8.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b2de0437f34622407e28cd5796ec5b0b9aa01f228bbbb76ffeef624dbdb5c8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"797303b1b3df4aec3d9a2e1625c43aee"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: u__Mkrb7alIaclHcL2AxVDJ62G8PNM0tZ7VEypePAOuLMwUHKozdIw==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
H2 200 client-portal-01eea45090510305c8a65ff6f23daa18.js Show response
widget-cdn.simplepractice.com/assets/ Frame D298 1 MB
200 KB 102ms
94ms Script
application/javascript 18.239.183.125
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget-cdn.simplepractice.com/assets/client-portal-01eea45090510305c8a65ff6f23daa18.js
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.239.183.125 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-239-183-125.bos50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1affe6972daf772fe55bca18d1dea39b6548cec9cd6440f0e88c1be10ac7f7b0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Tue, 16 Jan 2024 21:23:36 GMT
content-encoding: br
via: 1.1 444cff119449030682546c5e05bfd1da.cloudfront.net (CloudFront)
last-modified: Tue, 16 Jan 2024 21:23:22 GMT
server: AmazonS3
x-amz-cf-pop: BOS50-P4
age: 152484
etag: W/"074bd1f20b4a66479e07c65b4bccbc74"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
cache-control: max-age=63072000, public, immutable
x-amz-cf-id: jAHJPrYWRtJt3Z3f5QqpPrN7UvwfNI0ls0FPylUHFaiQ1Gh6pt0-Pw==
expires: Tue, 01 Jan 2030 00:00:00 GMT

GET
BLOB 200
OK b04b1fa2-8148-41bf-99d8-ed9edbcecc07
https://spwidget-helmhealthandwellness.clientsecure.me/ Frame 95B1 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spwidget-helmhealthandwellness.clientsecure.me/b04b1fa2-8148-41bf-99d8-ed9edbcecc07
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK edf728ac-b018-402e-9cf2-0b6dbad54b14
https://spwidget-helmhealthandwellness.clientsecure.me/ Frame 6FF4 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spwidget-helmhealthandwellness.clientsecure.me/edf728ac-b018-402e-9cf2-0b6dbad54b14
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e5051385-5127-45c8-a57e-16f081076f0b
https://spwidget-helmhealthandwellness.clientsecure.me/ Frame D298 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://spwidget-helmhealthandwellness.clientsecure.me/e5051385-5127-45c8-a57e-16f081076f0b
Requested by: Host: spwidget-helmhealthandwellness.clientsecure.me
URL: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 / Show response
cmp.osano.com/ Frame 8746 4 KB
1 KB 32ms
31ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26483
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 13d3731e042da4eb724047055086bf24.cloudfront.net (CloudFront)
x-amz-cf-id: IfOlIRXJ48-9iM9eIGv2l2fVbEvMxriuMOu4nWlAMdjp2Z2AupBfng==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame D646 200 B
1 KB 36ms
35ms Document
text/html 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2608
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:01:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 16 Jan 2024 21:04:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-amz-cf-id: K8R569KESdlJ6RZTJTBFwhOYe91YqX7TjOXr5ET884CXm0uhNTtjDA==
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 148ms
87ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 110ms
86ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 6FF4 21 B
131 B 503ms
496ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.547Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google
bugsnag-session-uuid: 338b6d4b-f0c3-4ee9-8873-f7e6bacc5cf8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

POST
H2 202 / Show response
sessions.bugsnag.com/ Frame 6FF4 21 B
102 B 506ms
497ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.585Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google
bugsnag-session-uuid: 1da51ec4-a1b5-40f6-ae0f-6f5fe3361214
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 cpt-codes Show response
spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/ Frame 6FF4 593 B
810 B 559ms
559ms XHR
application/vnd.api+json 54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/cpt-codes?filter%5BclinicianId%5D=1272733

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R) Enterprise

Resource Hash

fe8db0de07fa72e77653d8347d760bd6aa97003d9c08695d4dd99f3ada761a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Application-Build-Version: 0.0.0
Accept: application/vnd.api+json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Api-Version: 2019-01-17
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Application-Platform: web

Response headers

date: Thu, 18 Jan 2024 15:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise
status: 200 OK
x-xss-protection: 0
x-request-id: 3b1ab3d5-f2b1-4427-be6e-4940708c7c5d
x-runtime: 0.049905
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger(R)
etag: W/"fe8db0de07fa72e77653d8347d760bd6"
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: application/vnd.api+json
cache-control: max-age=0, private, must-revalidate

GET
H3 200 / Show response
cmp.osano.com/ Frame 5CEA 4 KB
1 KB 33ms
32ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26483
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
x-amz-cf-id: ji9y6jNiVwHqEz_tkaBjdR2mMGtW00L0L6CJotv6fXinI_7WIz4aNQ==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 70F2 200 B
1 KB 37ms
36ms Document
text/html 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2608
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:01:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 16 Jan 2024 21:04:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-amz-cf-id: QHNk2MwBfGxJtK66H8AB6J8r5sSSdxskzv5lNtSM8nhxI1421-bFTA==
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 87ms
87ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 503ms
495ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ Frame D298 21 B
35 B 454ms
453ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.666Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google
bugsnag-session-uuid: a63d0e06-95a9-40f4-9a7f-0ed18180845d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

POST
H3 202 / Show response
sessions.bugsnag.com/ Frame D298 21 B
35 B 90ms
86ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.695Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 google
bugsnag-session-uuid: 03e2edb3-2a18-4a76-93fb-f25ac62ac4ae
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 cpt-codes Show response
spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/ Frame D298 593 B
810 B 471ms
470ms XHR
application/vnd.api+json 54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/cpt-codes?filter%5BclinicianId%5D=1272733

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R) Enterprise

Resource Hash

fe8db0de07fa72e77653d8347d760bd6aa97003d9c08695d4dd99f3ada761a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Application-Build-Version: 0.0.0
Accept: application/vnd.api+json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Api-Version: 2019-01-17
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Application-Platform: web

Response headers

date: Thu, 18 Jan 2024 15:45:01 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise
status: 200 OK
x-xss-protection: 0
x-request-id: b65a303a-f3be-414a-8226-72545c3409bc
x-runtime: 0.023098
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger(R)
etag: W/"fe8db0de07fa72e77653d8347d760bd6"
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: application/vnd.api+json
cache-control: max-age=0, private, must-revalidate

GET
H3 200 / Show response
cmp.osano.com/ Frame 0528 4 KB
1 KB 32ms
31ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26483
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
x-amz-cf-id: 1X-gsNyK1eIaoQrkod_bGNeYa6DiCiS9bi3dip29N5_2HBnr-poAfQ==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 m-outer-3437aaddcdf6922d623e172c2d6f9278.html Show response
js.stripe.com/v3/ Frame 2ABA 200 B
1 KB 34ms
34ms Document
text/html 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2608
cache-control: max-age=31536000
content-length: 200
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; worker-src 'none'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:01:33 GMT
etag: "3437aaddcdf6922d623e172c2d6f9278"
last-modified: Tue, 16 Jan 2024 21:04:40 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-amz-cf-id: TgMvqeTGF-ELSkozHFGUzUYYsy5YBhQWGGAEHKzjKJTgqCzrA866wQ==
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
x-content-type-options: nosniff

OPTIONS
H3 200 /
sessions.bugsnag.com/ Frame 0
0 453ms
452ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

OPTIONS
H3 200 /
sessions.bugsnag.com/ Frame 0
0 426ms
425ms Preflight 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Thu, 18 Jan 2024 15:45:01 GMT
via: 1.1 google

POST
H3 202 / Show response
sessions.bugsnag.com/ Frame 95B1 21 B
35 B 89ms
88ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.756Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 google
bugsnag-session-uuid: 5cada63d-076c-4ab9-a905-50c0d1d42d4d
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

POST
H3 202 / Show response
sessions.bugsnag.com/ Frame 95B1 21 B
35 B 88ms
87ms XHR
application/json 2600:1901:0:7a0b::

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v7/bugsnag.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2600:1901:0:7a0b:: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Bugsnag-Sent-At: 2024-01-18T15:45:01.783Z
accept-language: en-US,en;q=0.9
Bugsnag-Api-Key: cd87d7479ba405250a10f30eb9673844
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 google
bugsnag-session-uuid: 930aa491-3c3c-454f-85f4-df9bd6384021
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
content-type: application/json

GET
H2 200 cpt-codes Show response
spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/ Frame 95B1 593 B
824 B 116ms
115ms XHR
application/vnd.api+json 54.188.145.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://spwidget-helmhealthandwellness.clientsecure.me/client-portal-api/cpt-codes?filter%5BclinicianId%5D=1272733

Requested by

Host: widget-cdn.simplepractice.com
URL: https://widget-cdn.simplepractice.com/assets/vendor-81de8f8891e891b4cc3e56fbe758aaa7.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.188.145.51 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-188-145-51.us-west-2.compute.amazonaws.com

Software

nginx + Phusion Passenger(R) / Phusion Passenger(R) Enterprise

Resource Hash

fe8db0de07fa72e77653d8347d760bd6aa97003d9c08695d4dd99f3ada761a47

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Application-Build-Version: 0.0.0
Accept: application/vnd.api+json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/widget/service?appearance=%7B%22fullScreen%22%3Atrue%7D&practiceId=822450
Api-Version: 2019-01-17
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Application-Platform: web

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
content-encoding: gzip
x-content-type-options: nosniff, nosniff
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) Enterprise
status: 200 OK
x-xss-protection: 0
x-request-id: f1acf2d3-076e-4b04-9e42-cd04e2934457
x-runtime: 0.021152
referrer-policy: strict-origin-when-cross-origin
server: nginx + Phusion Passenger(R)
etag: W/"fe8db0de07fa72e77653d8347d760bd6"
x-download-options: noopen
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
content-type: application/vnd.api+json
cache-control: max-age=0, private, must-revalidate

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame D646 526 B
1 KB 35ms
35ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2920
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
content-length: 526
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 31njHYQ-pjiYFPEdG77VBMsdzfZU5lNhUlaaHK2XU9joqChnLKeFXg==

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 70F2 526 B
1 KB 36ms
35ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2920
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
content-length: 526
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: fHTJG2ibm9-0Qt_SldJJEQuJIPWE5WDzYWBoW7ko6Dz66-ZHO8HCmQ==

GET
H2 200 m-outer-15a2b40a058ddff1cffdb63779fe3de1.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2ABA 526 B
1 KB 35ms
34ms Script
text/javascript 18.239.168.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.239.168.95 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-239-168-95.bos50.r.cloudfront.net

Software

Cloudfront /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-3437aaddcdf6922d623e172c2d6f9278.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 18 Jan 2024 14:56:23 GMT
via: 1.1 1fa8713a93103b807295046bdbbcea52.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
age: 2920
x-amz-cf-pop: BOS50-P3
x-cache: Hit from cloudfront
content-length: 526
last-modified: Mon, 08 Jan 2024 21:41:57 GMT
server: Cloudfront
etag: "d96c709017743c0759cf3853d1806ba5"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3ySwF9NHRAHpqkWWc7-P56gVTqpXrm9_P1QBdLtm-qw4OnrJTs3wbA==

POST
H2 200 csp-report
q.stripe.com/ Frame D646 0
716 B 925ms
487ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702869445
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869062
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame D646 0
717 B 920ms
483ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702869703
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869026
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 70F2 0
716 B 917ms
486ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702869923
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869103
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 70F2 0
716 B 914ms
485ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702869893
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 0
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869251
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2ABA 0
717 B 916ms
493ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702879795
x-envoy-upstream-service-time: 12
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869317
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2ABA 0
716 B 915ms
492ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702870085
x-envoy-upstream-service-time: 4
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
x-stripe-server-envoy-upstream-service-time-ms: 1
access-control-allow-origin: https://js.stripe.com
x-stripe-client-envoy-start-time-us: 1705592702869279
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-expose-headers: Server, Range, Content-Type
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame AFF4 930 B
1 KB 66ms
20ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:45:02 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 17
x-content-type-options: nosniff
x-request-id: ebfd141e-b27d-4dd1-9686-c64e1b6167bc
x-served-by: cache-yyz4548-YYZ
x-timer: S1705592702.369448,VS0,VE0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 24FA 930 B
636 B 62ms
21ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:45:02 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 18
x-content-type-options: nosniff
x-request-id: 7ff651d6-6ee9-409c-94e4-6255ca4e499a
x-served-by: cache-yyz4548-YYZ
x-timer: S1705592702.369976,VS0,VE0

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 59DE 930 B
636 B 59ms
22ms Document
text/html 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-15a2b40a058ddff1cffdb63779fe3de1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 10
cache-control: max-age=300, public
content-encoding: br
content-length: 540
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-/5Guo2nzv5n/w6ukZpOBZOtTJBJPSkJ6mhHpnBgm3Ls='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Thu, 18 Jan 2024 15:45:02 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding, Origin
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 19
x-content-type-options: nosniff
x-request-id: 14bef9f2-4fcc-4ca5-a373-14a00cb4f42b
x-served-by: cache-yyz4548-YYZ
x-timer: S1705592702.370014,VS0,VE0

GET
H3 200 / Show response
cmp.osano.com/ Frame D822 4 KB
1 KB 33ms
32ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26484
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
x-amz-cf-id: LbhdtOGJuVoZS41TsNHZNG_C3lrt5T9NCmWSb94WR_V11KqHUDNABg==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 record Show response
consent.api.osano.com/ Frame 6FF4 0
438 B 433ms
432ms XHR
text/plain 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-P1
x-amzn-trace-id: Root=1-65a9477e-744556af435cdd621ef2e315
x-amzn-requestid: de6c6891-8d8e-46e4-8aa4-6bc5b75cb19e
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id: Rvgb3HI1IAMEs4w=
x-amz-cf-id: Vd6LJMHpdOAW5cIYXL5D4Zf3hE_aDa2D4I-drFoExcAvKClT1Q0tMg==

GET
H3 200 / Show response
cmp.osano.com/ Frame 383D 4 KB
1 KB 33ms
33ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26484
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
x-amz-cf-id: NxQ6-ooJaW14qSmWVeQp5aIW_DM2pDVr0kjskavM_4zUbFCeyCJZlQ==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 record Show response
consent.api.osano.com/ Frame D298 0
437 B 445ms
445ms XHR
text/plain 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-P1
x-amzn-trace-id: Root=1-65a9477e-2822a24c05f4cbb72e253d31
x-amzn-requestid: 3d05aefd-2968-471f-a385-0dd52508a3a4
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id: Rvgb3GEIoAMEcJA=
x-amz-cf-id: rSpUQxicSGuSMBdhVnjIObkdcGDB42_M4D1Cml79vrmSm4Y7TN4F2g==

GET
H3 200 / Show response
cmp.osano.com/ Frame E5BA 4 KB
1 KB 37ms
36ms Document
text/html 2600:9000:2105:3800:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:9000:2105:3800:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 26484
alt-svc: h3=":443"; ma=86400
content-encoding: br
content-type: text/html
date: Thu, 18 Jan 2024 08:23:39 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: strict-origin-when-cross-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 381e492f95c61e51e17f4db787d5bfea.cloudfront.net (CloudFront)
x-amz-cf-id: kLkp11thvhE8T4DR3GhxMObgZ41AkfFaHId8tpyAzsoO-SxZ5LLGtw==
x-amz-cf-pop: BOS50-C3
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 record Show response
consent.api.osano.com/ Frame 95B1 0
439 B 447ms
446ms XHR
text/plain 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/169npvTLrpaA61ZC2/4ac283b3-d4e1-4a55-adf8-6692c9b865d2/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://spwidget-helmhealthandwellness.clientsecure.me/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-cf-pop: BOS50-P1
x-amzn-trace-id: Root=1-65a9477e-3e518cb00765946c0d4dabae
x-amzn-requestid: fc76e9c7-de36-415b-8013-1f24cf6303bb
x-cache: Miss from cloudfront
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
access-control-allow-headers: Accept, Authorization, Content-Length, Content-Type, Origin, X-Requested-With
x-amz-apigw-id: Rvgb3GEuIAMEKJQ=
x-amz-cf-id: uMjZAhAqDHQaGKFWRrvZzhc8u58w9YwikoctowcidZNVmdod0SndPA==

POST
H2 200 csp-report
q.stripe.com/ Frame AFF4 0
490 B 517ms
484ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702870059
x-envoy-upstream-service-time: 1
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 0
x-stripe-client-envoy-start-time-us: 1705592702869408
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame AFF4 87 KB
15 KB 20ms
20ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 18 Jan 2024 15:45:02 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 15509
x-request-id: 8e104c3d-3de2-41e4-9d9c-fda58a455837
x-served-by: cache-yyz4548-YYZ
server: Fastly
x-timer: S1705592703.699528,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 14

POST
H2 200 csp-report
q.stripe.com/ Frame 24FA 0
490 B 519ms
489ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702870144
x-envoy-upstream-service-time: 2
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1705592702869522
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 24FA 87 KB
15 KB 25ms
25ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 18 Jan 2024 15:45:02 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 15509
x-request-id: b69dd9eb-7f10-48fc-a277-cf7339a69a94
x-served-by: cache-yyz4548-YYZ
server: Fastly
x-timer: S1705592703.701633,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 15

POST
H2 200 csp-report
q.stripe.com/ Frame 59DE 0
490 B 518ms
490ms Other
text/plain 54.187.119.242

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: bellinimarketingj35.sg-host.com
URL: https://bellinimarketingj35.sg-host.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.119.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Thu, 18 Jan 2024 15:45:02 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592702870098
x-envoy-upstream-service-time: 3
content-length: 0
x-stripe-bg-intended-route-color: blue
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
x-stripe-server-envoy-upstream-service-time-ms: 1
x-stripe-client-envoy-start-time-us: 1705592702869349
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
expires: 0

GET
H2 200 out-4.5.43.js Show response
m.stripe.network/ Frame 59DE 87 KB
15 KB 26ms
26ms Script
text/javascript 151.101.64.176

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.43.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 -, , ASN (),

Reverse DNS

Software

Fastly /

Resource Hash

e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
date: Thu, 18 Jan 2024 15:45:02 GMT
x-content-type-options: nosniff
content-encoding: br
via: 1.1 varnish
age: 11
x-cache: HIT
content-length: 15509
x-request-id: b55c304c-7bc6-46fa-a3c3-6af71a9a580c
x-served-by: cache-yyz4548-YYZ
server: Fastly
x-timer: S1705592703.703959,VS0,VE0
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
accept-ranges: bytes
x-cache-hits: 16

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 234ms
68ms Preflight
application/json 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-apigw-id: Rvgb2Gz8IAMECxg=
x-amz-cf-id: tPPaNHT1xAtivZ7mQzenhefPMf0MRLxaD13dD-dU1zqes46wM9pPFg==
x-amz-cf-pop: BOS50-P1
x-amzn-requestid: a012e577-a56c-4e52-bca0-7323b58556bf
x-cache: Miss from cloudfront

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 204ms
47ms Preflight
application/json 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-apigw-id: Rvgb2Fg3oAMEWfw=
x-amz-cf-id: KBbgI-NRha9QuGsTGS43kapTyujmSe0XNDYJqDeP9tjWqmU1gM74qw==
x-amz-cf-pop: BOS50-P1
x-amzn-requestid: 61306a44-dde2-4130-818b-e6361be8cc79
x-cache: Miss from cloudfront

OPTIONS
H2 200 record
consent.api.osano.com/ Frame 0
0 84ms
46ms Preflight
application/json 18.161.21.4

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.api.osano.com/record
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.161.21.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://spwidget-helmhealthandwellness.clientsecure.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Thu, 18 Jan 2024 15:45:02 GMT
via: 1.1 06a5ad95830bfb5005cea8e571236848.cloudfront.net (CloudFront)
x-amz-apigw-id: Rvgb2HmKIAMES2A=
x-amz-cf-id: ZeojRitf2U6rWC_-f7h9MMioZTuPj5JlU_btVG-fh-ZUQP2mBVNJEA==
x-amz-cf-pop: BOS50-P1
x-amzn-requestid: 190b2119-ec1e-4421-b5de-6d77180d030b
x-cache: Miss from cloudfront

POST
H2 200 6 Show response
m.stripe.com/ Frame AFF4 156 B
669 B 826ms
97ms XHR
application/json 54.201.135.255

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

6a27d571e14fe6248c1f451a1a53dd37d7ed213df54b7128c9e5b2c20b6b86bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 18 Jan 2024 15:45:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592704400364
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 3
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705592704400059
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 24FA 156 B
669 B 881ms
157ms XHR
application/json 54.201.135.255

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

e967ee52ccbf3d8e3cedea52182784e611a5d140b1241036a89807dfc685eae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 18 Jan 2024 15:45:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592704449150
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 14
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705592704448939
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H2 200 6 Show response
m.stripe.com/ Frame 59DE 156 B
667 B 915ms
203ms XHR
application/json 54.201.135.255

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.43.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.201.135.255 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

2f11d40df1fb593bf82a1e9e4e86a1fc5f858f26319660940ade5dcfacf0bfdb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-stripe-bg-intended-route-color: blue
date: Thu, 18 Jan 2024 15:45:04 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
x-stripe-server-envoy-start-time-us: 1705592704500152
server: nginx
content-type: application/json;charset=utf-8
x-stripe-server-envoy-upstream-service-time-ms: 4
access-control-allow-origin: https://m.stripe.network
x-stripe-client-envoy-start-time-us: 1705592704499793
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-header-cbcc6002.min.css

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-header-1bcc1a02.min.js

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/hh_horiz_grey_r_heart.png

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/Untitled-design-10-1.jpg

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/06/image-2023-06-02T110221.472.webp

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-82cb230a.min.css

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/hh_wheel_r_heart_lg.png

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-a11f619b.min.js

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-07b3197d.min.js

Domain: bellinimarketingj35.sg-host.com
URL: http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-066e1207.min.js

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sg-host.com/	1970-01-21 03:22:32	Name: _ga_QPY2FX6RDD Value: GS1.1.1705592697.1.0.1705592697.0.0.0
			.sg-host.com/	1970-01-21 03:22:32	Name: _ga Value: GA1.1.531165815.1705592698

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 246) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-header-cbcc6002.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/ Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure script 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-header-1bcc1a02.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 404) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure image 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/hh_horiz_grey_r_heart.png'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://bellinimarketingj35.sg-host.com/ Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure element 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/close-up-view-of-the-dry-flowers-2023-11-27-05-09-20-utc-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 525) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure image 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/Untitled-design-10-1.jpg'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 711) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure image 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/06/image-2023-06-02T110221.472.webp'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 970) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-82cb230a.min.css'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/(Line 974) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure image 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2023/05/hh_wheel_r_heart_lg.png'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/ Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure script 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-a11f619b.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/ Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure script 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-07b3197d.min.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://bellinimarketingj35.sg-host.com/ Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure script 'http://bellinimarketingj35.sg-host.com/wp-content/cache/wpo-minify/1705446539/assets/wpo-minify-footer-066e1207.min.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://bellinimarketingj35.sg-host.com/(Line 1149) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure element 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/close-up-view-of-the-dry-flowers-2023-11-27-05-09-20-utc-1.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bellinimarketingj35.sg-host.com/(Line 1224) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure element 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/wooden-spoons-on-the-blue-table-2023-11-27-05-26-13-utc.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bellinimarketingj35.sg-host.com/(Line 1224) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure element 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/stethoscope-on-the-beige-background-2023-11-27-04-57-48-utc.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://bellinimarketingj35.sg-host.com/(Line 1224) Message: Mixed Content: The page at 'https://bellinimarketingj35.sg-host.com/' was loaded over HTTPS, but requested an insecure element 'http://bellinimarketingj35.sg-host.com/wp-content/uploads/2024/01/Screenshot202023-12-1920at2011.14.4320AM.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bellinimarketingj35.sg-host.com
cmp.osano.com
consent.api.osano.com
d2wy8f7a9ursnm.cloudfront.net
fonts.googleapis.com
helmhealthandwellness.clientsecure.me
js.stripe.com
m.stripe.com
m.stripe.network
q.stripe.com
sessions.bugsnag.com
spwidget-helmhealthandwellness.clientsecure.me
widget-cdn.simplepractice.com
www.google-analytics.com
www.googletagmanager.com
bellinimarketingj35.sg-host.com
151.101.64.176
18.161.21.4
18.239.168.95
18.239.176.180
18.239.183.125
2600:1901:0:7a0b::
2600:9000:2105:3800:3:b7e:8940:93a1
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c17::8a
2607:f8b0:4004:c1b::61
35.212.56.225
54.187.119.242
54.188.145.51
54.201.135.255
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
13aeab1a9428e836ba301e52fba70d550acded1922af4b2c0d81613e869b846a
1ad1452b79fa9386908179181c37356cc9c3b27dbc6e606f45661653cdb1346a
1affe6972daf772fe55bca18d1dea39b6548cec9cd6440f0e88c1be10ac7f7b0
2f11d40df1fb593bf82a1e9e4e86a1fc5f858f26319660940ade5dcfacf0bfdb
35dcc382eb69d00369d708708cdc545f3968b68fa5bbe3e728d11fedd04f93bb
37b17568df9546aa17d1f03e231caab311914d7abdc3bf0aded2c1a3554cae82
3dba62d760768a577980a6abea886219a68630f3903bb43828ab1190245d83e9
4014ae02b93f683f450837adfd916da77ff79f61cd3126613e7361808c6da83c
6a27d571e14fe6248c1f451a1a53dd37d7ed213df54b7128c9e5b2c20b6b86bf
782ed0ca3156470a4791ecb64d5eb86f1cb4b62aea5df0dcfb7f908b08406358
7a0a02c1cac6dadd50c7918e5dd7157c0bbd09c97596a84fdadc2b6cd4e0b8f7
7b2de0437f34622407e28cd5796ec5b0b9aa01f228bbbb76ffeef624dbdb5c8d
7d53bef875b7e1926eb753126cb7642ba4062bcdcefe3a18b8f8f0cf065a1456
90517fcd8932f4f093aa089308112a9f6c93408583b133fd36c939190741933a
93cae3058dedba71d57fc8af7e51d3ea6f5cedf075dbb45115a3fdda5349f860
947ac0903521f5eceefc90637c066306a8ca67466ccc188bb0107fb7cfb532d1
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a79c5816c93d811bd626a9810d95b806b667decbf26823554a07f33a5a37354c
ab5896c4f28152942b089d685fefcb1ab59c91c345b73a44da1d416119124ab9
ac485d05321d9c18d96599c1d0283e058a43128775f64970a31737195f085024
b28b8be47bea2704c4a56b0d0dc546471f01f33f95a27450b89939f05c7e14e3
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba8bea6a6bbbb634afd80fa6128f556a2d09331a9b5e14754d134c43748d5dcd
ca6e9a52a1e2dea1dc804ea3b71a7878f89ddbd17073305bc90b515a2aae7718
ceda30b2f3dce6b695d665b7713fd6c2c47bcdab8031204a7d5fa413b6b7538b
d3e57170959b03410110b81b17f389185be767630a7c4249224338fd99a17fd2
df1557b4778eaa3469791fd84066eff1ec3ee82aa8769a58938a8c6ea34a9772
e039e607c78306c7e029a7fd0ecdb14f86456f16e1a5ce65aa26b4fdf1d38a3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e967ee52ccbf3d8e3cedea52182784e611a5d140b1241036a89807dfc685eae1
f14dea5b4a9867bd1c9bb624645c3c97a6dc48991bcfc6a3f24cdf5149a5b20b
f41b670d337cd63286355e154b6d7a4910e5aaea9383afdb634d9eed82083d10
fbfb3945daa25e9f7c73d9c0575953e803419bfc31cfe9737f853f44bc65ccd7
fe8db0de07fa72e77653d8347d760bd6aa97003d9c08695d4dd99f3ada761a47

bellinimarketingj35.sg-host.com Open in urlscan Pro 35.212.56.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

105 Requests

88 %HTTPS

36 %IPv6

11 Domains

15 Subdomains

15 IPs

1 Countries

4704 kBTransfer

18548 kBSize

2 Cookies

4 Outgoing links

Redirected requests

105 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bellinimarketingj35.sg-host.com Open in urlscan Pro
35.212.56.225 Public Scan

Screenshot
Live screenshot

Full Image

105
Requests

88 %
HTTPS

36 %
IPv6

11
Domains

15
Subdomains

15
IPs

1
Countries

4704 kB
Transfer

18548 kB
Size

2
Cookies

105 HTTP transactions
0 data transactions