urlscan.io logo urlscan.io
SecurityTrails logo

wellbeingmatters.mn.co Open in urlscan Pro
162.159.128.53  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://wellbeingmatters.mn.co/
Effective URL: https://wellbeingmatters.mn.co/
Submission: On February 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 3 countries across 11 domains to perform 63 HTTP transactions. The main IP is 162.159.128.53, located in and belongs to CLOUDFLARENET, US. The main domain is wellbeingmatters.mn.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2023. Valid for: a year.
This is the only time wellbeingmatters.mn.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

4    162.159.128.53 (None, )

ASN13335 (CLOUDFLARENET, US)
wellbeingmatters.mn.co
cdn.mn.co
15    108.138.26.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-26-75.fra56.r.cloudfront.net
assets1-production.mightynetworks.com
10    2a04:4e42::720 (United States)

ASN54113 (FASTLY, US)
media1-production-mightynetworks.imgix.net
assets1-production-mightynetworks.imgix.net
1    162.159.138.52 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.mn.co
5    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
10    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
4    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
1    44.210.219.229 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-219-229.compute-1.amazonaws.com
stats.pusher.com
4    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
2    2a00:1450:4001:813::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
1    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
Apex Domain
Subdomains		 Transfer
15 mightynetworks.com
assets1-production.mightynetworks.com — Cisco Umbrella Rank: 147344
1 MB
10 youtube.com
www.youtube.com — Cisco Umbrella Rank: 80
1 MB
10 imgix.net
media1-production-mightynetworks.imgix.net — Cisco Umbrella Rank: 115069
assets1-production-mightynetworks.imgix.net — Cisco Umbrella Rank: 178818
557 KB
8 gstatic.com
www.gstatic.com
fonts.gstatic.com
481 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 2
56 KB
5 mn.co
wellbeingmatters.mn.co
cdn.mn.co — Cisco Umbrella Rank: 208926
70 KB
4 googleapis.com
jnn-pa.googleapis.com — Cisco Umbrella Rank: 230
40 KB
3 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
static.doubleclick.net — Cisco Umbrella Rank: 271
1 KB
2 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 102
91 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 218
5 KB
1 pusher.com
stats.pusher.com — Cisco Umbrella Rank: 8066
75 B
63 11
Domain Requested by
15 assets1-production.mightynetworks.com wellbeingmatters.mn.co
assets1-production.mightynetworks.com
10 www.youtube.com assets1-production.mightynetworks.com
www.youtube.com
9 media1-production-mightynetworks.imgix.net wellbeingmatters.mn.co
assets1-production.mightynetworks.com
5 www.google.com assets1-production.mightynetworks.com
www.gstatic.com
www.google.com
www.youtube.com
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.gstatic.com www.youtube.com
www.google.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 wellbeingmatters.mn.co 1 redirects assets1-production.mightynetworks.com
2 i.ytimg.com www.youtube.com
2 googleads.g.doubleclick.net 1 redirects www.youtube.com
2 cdn.mn.co wellbeingmatters.mn.co
1 yt3.ggpht.com www.youtube.com
1 stats.pusher.com assets1-production.mightynetworks.com
1 static.doubleclick.net www.youtube.com
1 assets1-production-mightynetworks.imgix.net wellbeingmatters.mn.co
63 15
Subject Issuer Validity Valid
mn.co
Cloudflare Inc ECC CA-3		 2023-06-21 -
2024-06-20		 a year crt.sh
mightynetworks.com
Amazon RSA 2048 M03		 2023-11-13 -
2024-12-11		 a year crt.sh
*.imgix.com
GlobalSign Atlas R3 DV TLS CA 2023 Q4		 2023-12-07 -
2025-01-07		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.pusher.com
Gandi Standard SSL CA 2		 2023-04-11 -
2024-04-21		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://wellbeingmatters.mn.co/
Frame ID: 8EC2DD76251A798CDB6673B203148953
Requests: 36 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Frame ID: 6BD444AED3D17EBEE94FE3650323BA5C
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Frame ID: 0A8DEAAAAA17EF2E2D1C5121F16E4A6A
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Well Being Matters

Page URL History Show full URLs

  1. http://wellbeingmatters.mn.co/ HTTP 301
    https://wellbeingmatters.mn.co/ Page URL

Detected technologies

Overall confidence: 75%
Detected patterns
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

63
Requests

97 %
HTTPS

71 %
IPv6

11
Domains

15
Subdomains

15
IPs

3
Countries

3580 kB
Transfer

12077 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://wellbeingmatters.mn.co/ HTTP 301
    https://wellbeingmatters.mn.co/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

63 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
wellbeingmatters.mn.co/
Redirect Chain
  • http://wellbeingmatters.mn.co/
  • https://wellbeingmatters.mn.co/
48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e50531e9cb69894ebce963fa50564b52abaf36d415346b081c0c83e7f63ab1c
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.mightynetworks.com *.mn.co; child-src 'self' blob: *; connect-src 'self' *.akamaized.net *.amazonaws.com/upload.usersnap.com *.analytics.google.com *.chime.aws *.facebook.com *.google-analytics.com *.googlesyndication.com *.imgix.net *.live-video.net *.kaltura.com *.mightynetworks.com *.mn.co adservice.google.com api.getrewardful.com api.segment.io api.stripe.com api-iam.intercom.io app.brightback.com bat.bing.com capture.trackjs.com cdn.linkedin.oribi.io cdn.segment.com js.stripe.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com sockjs.pusher.com statsigapi.net stats.g.doubleclick.net translate.google.com translate.googleapis.com uploads.intercomcdn.com widget.usersnap.com ws.pusherapp.com www.google.com www.googletagmanager.com logs.browser-intake-datadoghq.com analytics.tiktok.com d8acyc0zqfjzr.cloudfront.net wss:; media-src 'self' blob: data: *; font-src 'self' data: fonts.gstatic.com fonts.intercomcdn.com *.mightynetworks.com *.mn.co; img-src 'self' blob: data: *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.chime.aws *.capterra.com *.google-analytics.com *.googlesyndication.com *.mightynetworks.com *.mn.co *.usersnap.com ajax.googleapis.com apis.google.com app.brightback.com bat.bing.com cdnjs.cloudflare.com cdn.embedly.com cdn.jsdelivr.net cdn.segment.com cdn.trackjs.com code.highcharts.com connect.facebook.net googleads.g.doubleclick.net js.intercomcdn.com js.stripe.com snap.licdn.com static.ads-twitter.com stats.pusher.com translate.google.com translate.googleapis.com widget.intercom.io www.datadoghq-browser-agent.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com www.youtube.com analytics.tiktok.com; object-src 'none'; style-src 'self' blob: data: 'unsafe-inline' *.mightynetworks.com *.mn.co cdnjs.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com; report-uri /api/web/v1/analytics/csp_violations
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
857d441b3f3f4d38-FRA
content-encoding
gzip
content-security-policy
default-src 'self' *.mightynetworks.com *.mn.co; child-src 'self' blob: *; connect-src 'self' *.akamaized.net *.amazonaws.com/upload.usersnap.com *.analytics.google.com *.chime.aws *.facebook.com *.google-analytics.com *.googlesyndication.com *.imgix.net *.live-video.net *.kaltura.com *.mightynetworks.com *.mn.co adservice.google.com api.getrewardful.com api.segment.io api.stripe.com api-iam.intercom.io app.brightback.com bat.bing.com capture.trackjs.com cdn.linkedin.oribi.io cdn.segment.com js.stripe.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com sockjs.pusher.com statsigapi.net stats.g.doubleclick.net translate.google.com translate.googleapis.com uploads.intercomcdn.com widget.usersnap.com ws.pusherapp.com www.google.com www.googletagmanager.com logs.browser-intake-datadoghq.com analytics.tiktok.com d8acyc0zqfjzr.cloudfront.net wss:; media-src 'self' blob: data: *; font-src 'self' data: fonts.gstatic.com fonts.intercomcdn.com *.mightynetworks.com *.mn.co; img-src 'self' blob: data: *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.chime.aws *.capterra.com *.google-analytics.com *.googlesyndication.com *.mightynetworks.com *.mn.co *.usersnap.com ajax.googleapis.com apis.google.com app.brightback.com bat.bing.com cdnjs.cloudflare.com cdn.embedly.com cdn.jsdelivr.net cdn.segment.com cdn.trackjs.com code.highcharts.com connect.facebook.net googleads.g.doubleclick.net js.intercomcdn.com js.stripe.com snap.licdn.com static.ads-twitter.com stats.pusher.com translate.google.com translate.googleapis.com widget.intercom.io www.datadoghq-browser-agent.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com www.youtube.com analytics.tiktok.com; object-src 'none'; style-src 'self' blob: data: 'unsafe-inline' *.mightynetworks.com *.mn.co cdnjs.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com; report-uri /api/web/v1/analytics/csp_violations
content-type
text/html; charset=utf-8
date
Mon, 19 Feb 2024 08:51:06 GMT
mighty-cluster
core-prod-a
mighty-env
production
mighty-location
production
mighty-runtime
k8s
mighty-service
frontend
p3p
CP="Mighty Networks does not have a P3P policy. The standard has been abandoned, see: http://fb.me/p3p"
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
strict-transport-security
max-age=2592000
x-content-type-options
nosniff
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-locale
en
x-mighty-prerender
false
x-permitted-cross-domain-policies
none
x-request-id
fcd8cf55-6f65-4667-9e02-c7d98ca30467
x-runtime
0.118122
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
857d441afd1f37e0-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Mon, 19 Feb 2024 08:51:06 GMT
Expires
Mon, 19 Feb 2024 09:51:06 GMT
Location
https://wellbeingmatters.mn.co/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
assets1-production.mightynetworks.com/assets/ 		1 MB
122 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ff3e5902fbce6e67aedc9722794a565ff9d5330c00418e472b2e0ebd488abfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 22:24:12 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
469615
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
124274
last-modified
Tue, 13 Feb 2024 22:09:47 GMT
server
AmazonS3
etag
"20c443df612407296aaefd16f29c8b47"
vary
Origin
content-type
text/css
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
DM6IugKaMSYLO6KSondqlbDmQAKKwPlx-CtSe_98wEv3A1j2IC9ioA==
expires
Thu, 13 Feb 2025 04:09:46 GMT
application_responsive-f87a76ea34b8926c26e666b3dd812a74e6135c9afb16ebfd89442ec6e2df50d4.css
assets1-production.mightynetworks.com/assets/ 		159 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/application_responsive-f87a76ea34b8926c26e666b3dd812a74e6135c9afb16ebfd89442ec6e2df50d4.css
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f87a76ea34b8926c26e666b3dd812a74e6135c9afb16ebfd89442ec6e2df50d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 02 Feb 2024 22:54:10 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1418217
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21901
last-modified
Fri, 02 Feb 2024 22:46:41 GMT
server
AmazonS3
etag
"534a727a0c6ec15d6bfcd4b288aa0e63"
vary
Origin
content-type
text/css
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
XcRao4kfQjbRWlwsM86v1XV5hEGixkeQQGyg2sa3F1AAHKCfhh1Adg==
expires
Sun, 02 Feb 2025 04:46:40 GMT
c68f3c1b723a8a3dad9f41644eaab7598fdc59960b4f3e98459926683c26965e_v6.css
cdn.mn.co/theme/css/191F28/47BBD8/47BBD8/ 		91 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.mn.co/theme/css/191F28/47BBD8/47BBD8/c68f3c1b723a8a3dad9f41644eaab7598fdc59960b4f3e98459926683c26965e_v6.css
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31d28aac3b3220e5103363029ec0ca18fd0c0dfe1fd7f16bbdfa08d61f1707d
Security Headers
Name Value
Content-Security-Policy default-src 'self' *.mightynetworks.com *.mn.co; child-src 'self' blob: *; connect-src 'self' *.akamaized.net *.amazonaws.com/upload.usersnap.com *.analytics.google.com *.chime.aws *.facebook.com *.google-analytics.com *.googlesyndication.com *.imgix.net *.live-video.net *.kaltura.com *.mightynetworks.com *.mn.co adservice.google.com api.getrewardful.com api.segment.io api.stripe.com api-iam.intercom.io app.brightback.com bat.bing.com capture.trackjs.com cdn.linkedin.oribi.io cdn.segment.com js.stripe.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com sockjs.pusher.com statsigapi.net stats.g.doubleclick.net translate.google.com translate.googleapis.com uploads.intercomcdn.com widget.usersnap.com ws.pusherapp.com www.google.com www.googletagmanager.com logs.browser-intake-datadoghq.com analytics.tiktok.com d8acyc0zqfjzr.cloudfront.net wss:; media-src 'self' blob: data: *; font-src 'self' data: fonts.gstatic.com fonts.intercomcdn.com *.mightynetworks.com *.mn.co; img-src 'self' blob: data: *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.chime.aws *.capterra.com *.google-analytics.com *.googlesyndication.com *.mightynetworks.com *.mn.co *.usersnap.com ajax.googleapis.com apis.google.com app.brightback.com bat.bing.com cdnjs.cloudflare.com cdn.embedly.com cdn.jsdelivr.net cdn.segment.com cdn.trackjs.com code.highcharts.com connect.facebook.net googleads.g.doubleclick.net js.intercomcdn.com js.stripe.com snap.licdn.com static.ads-twitter.com stats.pusher.com translate.google.com translate.googleapis.com widget.intercom.io www.datadoghq-browser-agent.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com www.youtube.com analytics.tiktok.com; object-src 'none'; style-src 'self' blob: data: 'unsafe-inline' *.mightynetworks.com *.mn.co cdnjs.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com; report-uri /api/web/v1/analytics/csp_violations
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-locale
en
date
Mon, 19 Feb 2024 08:51:06 GMT
content-security-policy
default-src 'self' *.mightynetworks.com *.mn.co; child-src 'self' blob: *; connect-src 'self' *.akamaized.net *.amazonaws.com/upload.usersnap.com *.analytics.google.com *.chime.aws *.facebook.com *.google-analytics.com *.googlesyndication.com *.imgix.net *.live-video.net *.kaltura.com *.mightynetworks.com *.mn.co adservice.google.com api.getrewardful.com api.segment.io api.stripe.com api-iam.intercom.io app.brightback.com bat.bing.com capture.trackjs.com cdn.linkedin.oribi.io cdn.segment.com js.stripe.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com sockjs.pusher.com statsigapi.net stats.g.doubleclick.net translate.google.com translate.googleapis.com uploads.intercomcdn.com widget.usersnap.com ws.pusherapp.com www.google.com www.googletagmanager.com logs.browser-intake-datadoghq.com analytics.tiktok.com d8acyc0zqfjzr.cloudfront.net wss:; media-src 'self' blob: data: *; font-src 'self' data: fonts.gstatic.com fonts.intercomcdn.com *.mightynetworks.com *.mn.co; img-src 'self' blob: data: *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.chime.aws *.capterra.com *.google-analytics.com *.googlesyndication.com *.mightynetworks.com *.mn.co *.usersnap.com ajax.googleapis.com apis.google.com app.brightback.com bat.bing.com cdnjs.cloudflare.com cdn.embedly.com cdn.jsdelivr.net cdn.segment.com cdn.trackjs.com code.highcharts.com connect.facebook.net googleads.g.doubleclick.net js.intercomcdn.com js.stripe.com snap.licdn.com static.ads-twitter.com stats.pusher.com translate.google.com translate.googleapis.com widget.intercom.io www.datadoghq-browser-agent.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com www.youtube.com analytics.tiktok.com; object-src 'none'; style-src 'self' blob: data: 'unsafe-inline' *.mightynetworks.com *.mn.co cdnjs.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com; report-uri /api/web/v1/analytics/csp_violations
mighty-cluster
core-prod-a
mighty-runtime
k8s
cf-cache-status
HIT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
1417497
strict-transport-security
max-age=2592000
content-encoding
gzip
mighty-env
production
p3p
CP="Mighty Networks does not have a P3P policy. The standard has been abandoned, see: http://fb.me/p3p"
x-xss-protection
1; mode=block
x-request-id
757cdc84-be17-439d-9541-01ad21d9ec8c
x-runtime
0.042824
referrer-policy
strict-origin-when-cross-origin
x-mighty-prerender
false
server
cloudflare
etag
W/"c31d28aac3b3220e5103363029ec0ca1"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
public, max-age=31536000
mighty-service
frontend
mighty-location
production
cf-ray
857d441eb9f94d38-FRA
expires
Tue, 18 Feb 2025 08:51:06 GMT
Wellbeing_Matters_-_500x500_logo.png
media1-production-mightynetworks.imgix.net/asset/7511928/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7511928/Wellbeing_Matters_-_500x500_logo.png?ixlib=rails-4.2.0&auto=format&w=64&h=64&fit=crop&impolicy=Avatar
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
c6c568632a8f2855940e5c5f7f2bb25c71c60fa78f6ac14202df2ceac0400b8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
880505
x-cache
HIT, HIT
x-imgix-id
10b5b2899c9cc427f0289809dec32bd2374f8ffd
cross-origin-resource-policy
cross-origin
content-length
4127
x-served-by
cache-sjc10058-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Fri, 09 Feb 2024 04:16:00 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
Mulish-VariableFont_wght-7332c9ccfffae762443b654aeb1921713d05a57eb2198b0f5ec7e3f3ee3e2931.woff2
assets1-production.mightynetworks.com/assets/Mulish/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/Mulish/Mulish-VariableFont_wght-7332c9ccfffae762443b654aeb1921713d05a57eb2198b0f5ec7e3f3ee3e2931.woff2
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7332c9ccfffae762443b654aeb1921713d05a57eb2198b0f5ec7e3f3ee3e2931

Request headers

Referer
https://assets1-production.mightynetworks.com/assets/landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 01:06:44 GMT
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
7544663
x-cache
Hit from cloudfront
content-length
77136
last-modified
Tue, 08 Nov 2022 17:30:38 GMT
server
AmazonS3
etag
"45cf8e4b0de7e3a59881480b2b93e082"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
qeEmSS5t569iVo-LUoAufGqlmihSzSVRYabvEJmoVe6vQxpskY6j6Q==
expires
Wed, 08 Nov 2023 23:30:37 GMT
Avatar500x500_-_MightyNetwork_-_Felecia_Froe.png
media1-production-mightynetworks.imgix.net/asset/7513884/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7513884/Avatar500x500_-_MightyNetwork_-_Felecia_Froe.png?ixlib=rails-4.2.0&auto=format&w=512&h=512&fit=crop&impolicy=Avatar
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5a8121c1a3714e017beb2067c89156cb2e48f50af212ec0f474e1c442fa9c84e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
212656
x-cache
MISS, HIT
x-imgix-id
0e358b0a0bb37863980264cd574ff945598cee2d
cross-origin-resource-policy
cross-origin
content-length
53524
x-served-by
cache-sjc10062-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
02.131624
last-modified
Fri, 16 Feb 2024 21:46:50 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
Logo_centered_-_Banner_Image_-_MightyNetwork_-_Felecia_Froe___2_.png
media1-production-mightynetworks.imgix.net/asset/7513387/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7513387/Logo_centered_-_Banner_Image_-_MightyNetwork_-_Felecia_Froe___2_.png?ixlib=rails-4.2.0&fm=jpg&q=75&auto=format&w=2880&h=1152&fit=crop&impolicy=ResizeCrop
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
5410f8f1435181982ba551dfa31b63ca183a02ae3ddf0957fc8e21c2ea27ae8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
411826
x-cache
HIT, HIT
x-imgix-id
fc1818e3ba534a2401446724554560da3c3f94ec
cross-origin-resource-policy
cross-origin
content-length
168825
x-served-by
cache-sjc10032-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Wed, 14 Feb 2024 14:27:20 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png
media1-production-mightynetworks.imgix.net/asset/7512613/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512613/Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1200&h=675&fit=crop
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
174d716a4e0e85a76e716f9165898c2d43956baefd770ce91edbe9f8afa1cecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
422874
x-cache
HIT, HIT
x-imgix-id
b9f8baddce72f91d79ed5b35e616f78ec186c958
cross-origin-resource-policy
cross-origin
content-length
34227
x-served-by
cache-sjc1000111-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Wed, 14 Feb 2024 11:23:12 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
imacfront_-_Free_book_-_Felecia_Froe.jpg
media1-production-mightynetworks.imgix.net/asset/7512265/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512265/imacfront_-_Free_book_-_Felecia_Froe.jpg?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1400&h=1400&fit=max
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
05ff571d52e746d3b487e0559b07068c9d255a998ab2b487058399b16cb50690
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
2106083
x-cache
HIT, HIT
x-imgix-id
3125839f133ed467550f36968057ef1cf690b043
cross-origin-resource-policy
cross-origin
content-length
101314
x-served-by
cache-sjc10060-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
02.131624
last-modified
Thu, 25 Jan 2024 23:49:43 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
TakeBackControl__1_.jpg
media1-production-mightynetworks.imgix.net/asset/7512770/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512770/TakeBackControl__1_.jpg?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1400&h=1400&fit=max
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ce1154eed96b96fe53d9914ccd2967d6c8ab96660a1c63303d50d333c5846702
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
1296970
x-cache
HIT, HIT
x-imgix-id
8df0ffd8dbeb7f0f57bc53617dc7b540ba54d28e
cross-origin-resource-policy
cross-origin
content-length
105601
x-served-by
cache-sjc10044-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
02.131624
last-modified
Sun, 04 Feb 2024 08:34:56 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
The_Hunger_Project_-_logo.png
media1-production-mightynetworks.imgix.net/asset/7512285/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512285/The_Hunger_Project_-_logo.png?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1400&h=1400&fit=max
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
0beb2a8c5f007b7981cf7e0c4d0aead987592ca2c85dda87ebd00666e82faa8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
3035581
x-cache
HIT, HIT
x-imgix-id
078dafb99a75617db82f2b3a9545aee6136fd111
cross-origin-resource-policy
cross-origin
content-length
21202
x-served-by
cache-sjc10046-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.140328
last-modified
Mon, 15 Jan 2024 05:38:05 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
white_with_text-6d01ca670adc0a3483175d1337065d53d3ccbafea555dca5ba54b7bc1423556b.png
assets1-production-mightynetworks.imgix.net/assets/logos/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1-production-mightynetworks.imgix.net/assets/logos/white_with_text-6d01ca670adc0a3483175d1337065d53d3ccbafea555dca5ba54b7bc1423556b.png
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
6d01ca670adc0a3483175d1337065d53d3ccbafea555dca5ba54b7bc1423556b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
x-content-type-options
nosniff
age
993128
x-cache
HIT, HIT
x-imgix-id
64fdfa7aa27e8273f5ed16c8266daddb1affc2ab
cross-origin-resource-policy
cross-origin
content-length
11521
x-served-by
cache-sjc10026-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Wed, 07 Feb 2024 20:49:11 GMT
server
imgix
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
cookieconsent-20412e1b40a5ed5be45eb71b2ff446e5f83eb7bed2a9e22c27a4e6b1f10dbf79.js
assets1-production.mightynetworks.com/assets/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/cookieconsent-20412e1b40a5ed5be45eb71b2ff446e5f83eb7bed2a9e22c27a4e6b1f10dbf79.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
20412e1b40a5ed5be45eb71b2ff446e5f83eb7bed2a9e22c27a4e6b1f10dbf79

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 06 Jan 2024 04:10:00 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3818467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
6943
last-modified
Thu, 31 Aug 2023 01:00:46 GMT
server
AmazonS3
etag
"d27798a81abe122fb7dd3c8bd58a72c4"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
iPS8lPshgB2BsOAWBPYPB6AH63rBnkqhsJ4JWhJglm_V-rya-qT0ow==
expires
Fri, 30 Aug 2024 07:00:45 GMT
tml-lite-239b7a6f3b0714149370.js
assets1-production.mightynetworks.com/apps/js/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/apps/js/tml-lite-239b7a6f3b0714149370.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
72f397f7382e865be012461683943337899cbd8a4a0e515ef2b32c879f57e21c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:29:01 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
202926
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
21766
last-modified
Sat, 17 Feb 2024 00:23:54 GMT
server
AmazonS3
etag
"043f03fafecda102ed3e1f694a2f4566"
vary
Origin
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
qUPQbS1gJ_Rb75UVQ1Q99CaJ4KT7znNRZLgMqQq88bKdaFkzDCTfYg==
expires
Sun, 16 Feb 2025 06:23:53 GMT
core_libs-50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528.js
assets1-production.mightynetworks.com/assets/ 		2 MB
282 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/core_libs-50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:30:09 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
202858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
288276
last-modified
Sat, 17 Feb 2024 00:21:54 GMT
server
AmazonS3
etag
"e3fe3f05b1e3755b9c6e804e1d9c3f3e"
vary
Origin
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
g6eE6HUlFNSFIh3jCtbI5kdeui80ilFf5yA1gsF68J6b4uHEISZH2g==
expires
Sun, 16 Feb 2025 06:21:53 GMT
routes-5115b65ea56ac97d85bd.js
assets1-production.mightynetworks.com/apps/js/ 		245 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/apps/js/routes-5115b65ea56ac97d85bd.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77d13ff1c0b365e27559c13d79ecbd841f2ac464e42007886521e067a2a3c24a

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 06:49:58 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
180069
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
31213
last-modified
Sat, 17 Feb 2024 00:23:54 GMT
server
AmazonS3
etag
"c38b4c2eadd2cebe8b43bfd424b6ad4c"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
U1ZeLScwqjziYGhd1FCQDJ1a9LQUoJRjrFBgi-6f7uewlopWOv7vbw==
expires
Sun, 16 Feb 2025 06:23:53 GMT
page_boot-a53033492852bcf24c12.js
assets1-production.mightynetworks.com/apps/js/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/apps/js/page_boot-a53033492852bcf24c12.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e60129534022961edff75de8149dbf8120a0053221c80303dddd9d0b1f523a1e

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 06:49:58 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
180068
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
15097
last-modified
Sat, 17 Feb 2024 00:23:53 GMT
server
AmazonS3
etag
"654112b4a477384281fa9150b1932452"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
Wp61VsLtDjKAo5aih7DLweJdQeoEhQ7N8trvGBr83aXlbOkMMZQYHw==
expires
Sun, 16 Feb 2025 06:23:52 GMT
6d0150badf016a68293445afefddded5b1c69c3ee3bc4c769ed8d0d44dcc9136.js
cdn.mn.co/client_settings/ 		172 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mn.co/client_settings/6d0150badf016a68293445afefddded5b1c69c3ee3bc4c769ed8d0d44dcc9136.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.138.52 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f62c876c81d1b6a289ae078e7ece90c2c6d323b6747f5cf6a2cb526c35e5f74
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:06 GMT
mighty-runtime
k8s
mighty-cluster
core-prod-a
x-content-type-options
nosniff
cf-cache-status
HIT
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=2592000
age
149084
content-encoding
gzip
mighty-env
production
x-xss-protection
1; mode=block
x-request-id
29240c34-5c38-483d-bc10-79a15e653b3f
x-runtime
0.018416
referrer-policy
strict-origin-when-cross-origin
x-mighty-prerender
false
server
cloudflare
etag
W/"2f62c876c81d1b6a289ae078e7ece90c"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
mighty-service
frontend
mighty-location
production
cf-ray
857d441f7d9390dd-FRA
expires
Tue, 18 Feb 2025 08:51:06 GMT
application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
assets1-production.mightynetworks.com/assets/ 		2 MB
364 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
Requested by
Host: wellbeingmatters.mn.co
URL: https://wellbeingmatters.mn.co/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 00:30:09 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
202858
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
371954
last-modified
Sat, 17 Feb 2024 00:21:54 GMT
server
AmazonS3
etag
"8f561149d08cb702b00dac9f39c3c68f"
vary
Origin
content-type
application/javascript
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
rexHC81PetKkuUVEmHSha1gGCAYFmn0O9Rn6s0lBI5cKDK6B7YZIsg==
expires
Sun, 16 Feb 2025 06:21:53 GMT
play_button-ae9e7e6ff08af47b7911ba87cc023490b9e8619b63bbd2ee770320cdde3be744.png
assets1-production.mightynetworks.com/assets/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1-production.mightynetworks.com/assets/play_button-ae9e7e6ff08af47b7911ba87cc023490b9e8619b63bbd2ee770320cdde3be744.png
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae9e7e6ff08af47b7911ba87cc023490b9e8619b63bbd2ee770320cdde3be744

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://assets1-production.mightynetworks.com/assets/landing_page_application-af590cee4526c4043f38db7c6990b87b1155d5d3797971d79e57117dba007d7c.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 31 Jan 2024 22:19:22 GMT
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
last-modified
Thu, 17 Sep 2020 18:17:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
1593105
etag
"169c7eeab3b731489ed6a1e9f82f57d1"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/png
cache-control
public, max-age=31557600
accept-ranges
bytes
content-length
13936
x-amz-cf-id
smt6ZRSklqwAz1Z54csMdtayp1eYMTh7WKVF8UkCeCiAmH9gapBgYQ==
expires
Sat, 18 Sep 2021 00:17:10 GMT
video_bundle-77fa87207b770eb3ff5f0a1a872daa0d7225834540c28fafc6c14506dd69f58d.js
assets1-production.mightynetworks.com/assets/ 		542 KB
150 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/video_bundle-77fa87207b770eb3ff5f0a1a872daa0d7225834540c28fafc6c14506dd69f58d.js
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77fa87207b770eb3ff5f0a1a872daa0d7225834540c28fafc6c14506dd69f58d

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:05:08 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
7537559
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
153035
last-modified
Thu, 17 Aug 2023 23:55:52 GMT
server
AmazonS3
etag
"c879f3a55fc684d4de59570d1e73384b"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
H85IUr0-8CIVxiyhOH9JKQ5VMau5eeMSzJCtWCcsy_Pm7_yzvJXFdA==
expires
Sat, 17 Aug 2024 05:55:51 GMT
helpers_bundle-440d77fa1697159531b7.js
assets1-production.mightynetworks.com/apps/js/ 		342 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/apps/js/helpers_bundle-440d77fa1697159531b7.js
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
03dbe6e75cac701c173566ee72e27639776729977dbcd4be4da881db821b7e03

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 07:11:22 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
178785
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
106482
last-modified
Sat, 17 Feb 2024 00:23:52 GMT
server
AmazonS3
etag
"b77ceaa791ba2c0ae59a244d331a8d34"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
YIIppdHl79uZeroPunobHzVUsfOIA7g5I_rdlue3-9RJ2-PUSI_KUA==
expires
Sun, 16 Feb 2025 06:23:51 GMT
api.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c92a59904f3b7e49f5c89669445299f3dd20c2e02e475e91180b239a079d7f79
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 19 Feb 2024 08:51:07 GMT
fd2bf408-7adc-4d6f-958c-f7380fd0911b
https://wellbeingmatters.mn.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://wellbeingmatters.mn.co/fd2bf408-7adc-4d6f-958c-f7380fd0911b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
video_youtube_bundle-5f3be2e733fdb68177771f8daa72566879598ac172ff15c49324ef5bf210041c.js
assets1-production.mightynetworks.com/assets/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets1-production.mightynetworks.com/assets/video_youtube_bundle-5f3be2e733fdb68177771f8daa72566879598ac172ff15c49324ef5bf210041c.js
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/application_landing_page-911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f3be2e733fdb68177771f8daa72566879598ac172ff15c49324ef5bf210041c

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 13 Jan 2024 12:08:57 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
3184931
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
3246
last-modified
Thu, 17 Aug 2023 23:55:52 GMT
server
AmazonS3
etag
"b56cef6a8fa8defe07d763fb515ab98a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
h69ZB9QQMljDSWFuNQF-lsvSzHxdjSiKgWkjUGle2Q9fDvE6__gLEA==
expires
Sat, 17 Aug 2024 05:55:51 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/video_youtube_bundle-5f3be2e733fdb68177771f8daa72566879598ac172ff15c49324ef5bf210041c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
37ca6f3935fd2598ee98ca7013ad5f2c3e1f834efb8bbb24f3c4ba9d5d7849ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-3egNTSjL3Q6nofc7AtGICg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Mon, 19 Feb 2024 08:51:07 GMT
Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png
media1-production-mightynetworks.imgix.net/asset/7512613/ 		33 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512613/Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1200&h=675&fit=crop
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/core_libs-50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
174d716a4e0e85a76e716f9165898c2d43956baefd770ce91edbe9f8afa1cecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
x-content-type-options
nosniff
age
422874
x-cache
HIT, HIT
x-imgix-id
b9f8baddce72f91d79ed5b35e616f78ec186c958
cross-origin-resource-policy
cross-origin
content-length
34227
x-served-by
cache-sjc1000111-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Wed, 14 Feb 2024 11:23:12 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
recaptcha__de.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ 		492 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 16:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201084
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Feb 2025 16:28:09 GMT
events
wellbeingmatters.mn.co/api/web/v1/analytics/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wellbeingmatters.mn.co/api/web/v1/analytics/events
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/core_libs-50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.159.128.53 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://wellbeingmatters.mn.co/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-locale
en
date
Mon, 19 Feb 2024 08:51:07 GMT
mighty-runtime
k8s
mighty-cluster
core-prod-a
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
strict-transport-security
max-age=2592000
p3p
CP="Mighty Networks does not have a P3P policy. The standard has been abandoned, see: http://fb.me/p3p"
mighty-env
production
x-xss-protection
1; mode=block
x-request-id
9fa65c7b-fddf-473b-a1cc-779f430063d8
x-runtime
0.030637
referrer-policy
strict-origin-when-cross-origin
x-mighty-prerender
false
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
cache-control
no-cache
mighty-service
frontend
mighty-location
production
cf-ray
857d4420fbf34d38-FRA
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/svg+xml
mighty_qr_code_logomark-61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353.svg
assets1-production.mightynetworks.com/assets/icons/ 		413 B
829 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1-production.mightynetworks.com/assets/icons/mighty_qr_code_logomark-61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353

Request headers

Referer
https://wellbeingmatters.mn.co/
Origin
https://wellbeingmatters.mn.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:08 GMT
content-encoding
gzip
via
1.1 9b7b71910b45e646f6476bbd270127a4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
274
last-modified
Wed, 31 May 2023 22:03:12 GMT
server
AmazonS3
etag
"04d14a5c0ec8a1823143b02c81fd8129"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31557600
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges
bytes
x-amz-cf-id
eJ2FlaD9IFPbY8Rs7V31PTOp7sCHo7k_0mAq1ID647LM7RCMOvp92A==
expires
Fri, 31 May 2024 04:03:11 GMT
Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png
media1-production-mightynetworks.imgix.net/asset/7512613/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media1-production-mightynetworks.imgix.net/asset/7512613/Felecia_Froe_-_TV_Appearance_-_Video_Thumbnail_Image.png?ixlib=rails-0.3.0&fm=jpg&q=75&auto=format&w=1200&h=675&fit=crop
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
174d716a4e0e85a76e716f9165898c2d43956baefd770ce91edbe9f8afa1cecc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
x-content-type-options
nosniff
age
422874
x-cache
HIT, HIT
x-imgix-id
b9f8baddce72f91d79ed5b35e616f78ec186c958
cross-origin-resource-policy
cross-origin
content-length
34227
x-served-by
cache-sjc1000111-SJC, cache-fra-etou8220028-FRA
x-imgix-render-farm
01.132136
last-modified
Wed, 14 Feb 2024 11:23:12 GMT
server
imgix
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
www-widgetapi.js
www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/ 		216 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70558a2c8e7c705fd142fc56878177a8233a1c522a432a556cf5df1710fa203d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:05:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
2725
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68371
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Tue, 18 Feb 2025 08:05:42 GMT
anchor
www.google.com/recaptcha/api2/ Frame 6BD4 		45 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3ff01852f6b39dd6146192b4dbd5fc5565175f1703a892f0ea293c76be4b6459
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-I7_mmHXU4BVp431JId89Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wellbeingmatters.mn.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-I7_mmHXU4BVp431JId89Kg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 08:51:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
oB11_PUQDug
www.youtube.com/embed/ Frame 0A8D 		90 KB
37 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/www-widgetapi.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
827cd6ea3d17e447f85fd4d2ec4d3e45c3fe09f9de91d8dbb38e4c79b3869343
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wellbeingmatters.mn.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-3ADsxw9M6ZP8pdOQEyFvcA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Mon, 19 Feb 2024 08:51:07 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
styles__ltr.css
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 6BD4 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 05:01:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 18 Feb 2025 05:01:35 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/ Frame 6BD4 		492 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 16:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
201084
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 03:00:37 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Feb 2025 16:28:09 GMT
www-player.css
www.youtube.com/s/player/5683fc5e/ Frame 0A8D 		366 KB
47 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 11:45:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75937
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48183
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Feb 2025 11:45:30 GMT
embed.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/ Frame 0A8D 		53 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5e8c7255c99441c92156a5f1b40520c4fa563b2edf94dc7101d0e33fa7bec3ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 20:42:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
43717
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16779
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Feb 2025 20:42:30 GMT
www-embed-player.js
www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/ Frame 0A8D 		318 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 23:01:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
35356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
96927
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Feb 2025 23:01:51 GMT
base.js
www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/ Frame 0A8D 		2 MB
776 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88d25b8c03e76364c6c7bbdd74f9686429648ee83a9367ee8347f8ed9e5acb11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sun, 18 Feb 2024 17:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
794425
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 05:24:59 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 17 Feb 2025 17:19:48 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0A8D 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
518446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0A8D 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
517313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:09:14 GMT
YNxvpUI_pv4_zU5Ebw8L1bORgKToF_ub42F5gJowWfw.js
www.google.com/js/bg/ Frame 6BD4 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/YNxvpUI_pv4_zU5Ebw8L1bORgKToF_ub42F5gJowWfw.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60dc6fa5423fa6fe3fcd4e446f0f0bd5b39180a4e817fb9be36179809a3059fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Sat, 17 Feb 2024 18:15:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
138945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6955
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 16 Feb 2025 18:15:22 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 6BD4 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/yiNW3R9jkyLVP5-EEZLDzUtA/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:53:46 GMT
x-content-type-options
nosniff
age
518241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Tue, 20 Feb 2024 08:53:46 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6BD4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:50:21 GMT
x-content-type-options
nosniff
age
518446
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:50:21 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 6BD4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
517313
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:09:14 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 6BD4 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
006075ca8435aa619a3a6885f3d63c6623f827ef97211e4a20b4f640d98e0f8b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Le5QKoaAAAAAPtr4o5JaXn8mdXuqNC26ENCpoLG&co=aHR0cHM6Ly93ZWxsYmVpbmdtYXR0ZXJzLm1uLmNvOjQ0Mw..&hl=de&v=yiNW3R9jkyLVP5-EEZLDzUtA&size=invisible&cb=ldobu9cyht5u
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Mon, 19 Feb 2024 08:51:07 GMT
id
googleads.g.doubleclick.net/pagead/ Frame 0A8D
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
242 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H2
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
784f9592efc4ea8d5f010cd6c1c29d7f5b85ef734e6ba8526aaff31bed850c21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Mon, 19 Feb 2024 08:51:07 GMT
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 0A8D 		29 B
495 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:42:15 GMT
x-content-type-options
nosniff
age
532
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 19 Feb 2024 08:57:15 GMT
1
stats.pusher.com/timeline/v2/jsonp/ 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.pusher.com/timeline/v2/jsonp/1?session=NjQ5NzYxNjQx&bundle=MQ%3D%3D&key=YTEzYmUxODUxMjYyMjliMWE4ZmU%3D&lib=anM%3D&version=NC4yLjI%3D&features=WyJ3cyJd&timeline=W3siaW5zdGFuY2VzIjoxLCJ0aW1lc3RhbXAiOjE3MDgzMzI2NjY5ODR9LHsic3RhdGUiOiJjb25uZWN0aW5nIiwidGltZXN0YW1wIjoxNzA4MzMyNjY2OTg0fSx7ImNpZCI6MSwidHJhbnNwb3J0Ijoid3NzIiwidGltZXN0YW1wIjoxNzA4MzMyNjY2OTg1fSx7ImNpZCI6MSwic3RhdGUiOiJpbml0aWFsaXplZCIsInRpbWVzdGFtcCI6MTcwODMzMjY2Njk4NX0seyJjaWQiOjEsInN0YXRlIjoiY29ubmVjdGluZyIsInRpbWVzdGFtcCI6MTcwODMzMjY2Njk4Nn0seyJjaWQiOjEsInN0YXRlIjoib3BlbiIsInRpbWVzdGFtcCI6MTcwODMzMjY2NzM1NH0seyJzdGF0ZSI6ImNvbm5lY3RlZCIsInBhcmFtcyI6eyJzb2NrZXRfaWQiOiI2NTk2MzQuMjU1NzYzMCJ9LCJ0aW1lc3RhbXAiOjE3MDgzMzI2NjczOTF9XQ%3D%3D
Requested by
Host: assets1-production.mightynetworks.com
URL: https://assets1-production.mightynetworks.com/assets/core_libs-50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.210.219.229 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-210-219-229.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
server
awselb/2.0
content-length
0
content-type
application/javascript; charset=utf-8
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 08:51:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0A8D 		87 KB
40 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b68d6800899b033458438b9b7e9ea26820126476e53a7719ffa19ce1870aba8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
40823
x-xss-protection
0
gjWWHarTI5brWqSffnm9wpDvyBVcOL9JalIcjA8AoV4.js
www.google.com/js/th/ Frame 0A8D 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/gjWWHarTI5brWqSffnm9wpDvyBVcOL9JalIcjA8AoV4.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8235961daad32396eb5aa49f7e79bdc290efc8155c38bf496a521c8c0f00a15e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 14 Feb 2024 06:12:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
441520
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19703
x-xss-protection
0
last-modified
Mon, 12 Feb 2024 13:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 13 Feb 2025 06:12:27 GMT
maxresdefault.webp
i.ytimg.com/vi_webp/oB11_PUQDug/ Frame 0A8D 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/oB11_PUQDug/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8bec80019a23251e9a0ff9aa18b3c6dddc3d04110732cb20694b6788aa6e523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
x-content-type-options
nosniff
server
sffe
etag
"1548723949"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46410
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 19 Feb 2024 10:51:07 GMT
truncated
/ Frame 0A8D 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type
image/png
AIf8zZQOsnYgCh5ksAeu8hW9LKVNXqkxHYqEXXbdZbXAbg=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 0A8D 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/ytc/AIf8zZQOsnYgCh5ksAeu8hW9LKVNXqkxHYqEXXbdZbXAbg=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
7065ea60f0a9ebcb7fb9db5e4ac761a32ded667b09d62131a2299b78abe5a753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 06:24:03 GMT
x-content-type-options
nosniff
age
8824
cross-origin-resource-policy
cross-origin
content-disposition
inline;filename="unnamed.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4337
x-xss-protection
0
server
fife
etag
"vc0"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Tue, 20 Feb 2024 06:24:03 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 19 Feb 2024 08:51:07 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0A8D 		90 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7751cb4b71cd5c3af68c28f6e22f32ffab6d4eb397cb064c5886246733f1be6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110
x-xss-protection
0
mighty_qr_code_logomark-61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353.svg
assets1-production.mightynetworks.com/assets/icons/ 		413 B
714 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets1-production.mightynetworks.com/assets/icons/mighty_qr_code_logomark-61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.26.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-26-75.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://wellbeingmatters.mn.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 25 Dec 2023 01:31:54 GMT
content-encoding
gzip
via
1.1 837a869ba82f4a85a2e5810b11746698.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
4864754
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
274
last-modified
Wed, 31 May 2023 22:03:12 GMT
server
AmazonS3
etag
"04d14a5c0ec8a1823143b02c81fd8129"
vary
Origin
content-type
image/svg+xml
cache-control
public, max-age=31557600
accept-ranges
bytes
x-amz-cf-id
d9xTA3v97KYpFDNO_9AXjOQuYIEw0KhCGqBOqT5QBbIg2v1rY23dPg==
expires
Fri, 31 May 2024 04:03:11 GMT
embedded_player
www.youtube.com/youtubei/v1/ Frame 0A8D 		36 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/embedded_player?key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8&prettyPrint=false
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d8bf20fba9e8920b05edbed75ede46a103cdeac60cfb038bd7e29ce3275f4727
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Youtube-Bootstrap-Logged-In
false
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type
application/json
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
X-Youtube-Client-Name
56
X-Youtube-Client-Version
1.20240213.01.00
X-Goog-Visitor-Id
CgtjZVJjT2xIZXdRbyj7rMyuBjIKCgJERRIEEgAgXA%3D%3D

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23458
x-xss-protection
0
generate_204
www.youtube.com/ Frame 0A8D 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?VMiLZA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
maxresdefault.webp
i.ytimg.com/vi_webp/oB11_PUQDug/ Frame 0A8D 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/oB11_PUQDug/maxresdefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/player_ias.vflset/en_US/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8bec80019a23251e9a0ff9aa18b3c6dddc3d04110732cb20694b6788aa6e523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Mon, 19 Feb 2024 08:51:07 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46410
x-xss-protection
0
server
sffe
etag
"1548723949"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Mon, 19 Feb 2024 10:51:07 GMT
log_event
www.youtube.com/youtubei/v1/ Frame 0A8D 		28 B
50 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/5683fc5e/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
X-Goog-Request-Time
1708332669439
Content-Type
application/json
X-YouTube-Utc-Offset
60
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/oB11_PUQDug?controls=0&modestbranding=1&rel=0&showinfo=0&loop=0&fs=0&hl=en&enablejsapi=1&origin=https%3A%2F%2Fwellbeingmatters.mn.co&widgetid=1
X-YouTube-Client-Version
1.20240213.01.00
X-YouTube-Time-Zone
Europe/Berlin
X-Goog-Visitor-Id
CgtjZVJjT2xIZXdRbyj7rMyuBjIKCgJERRIEEgAgXA%3D%3D
X-YouTube-Ad-Signals
dt=1708332667267&flash=0&frm=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C700%2C394&vis=1&wgl=true&ca_type=image

Response headers

date
Mon, 19 Feb 2024 08:51:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31
x-xss-protection
0

Verdicts & Comments Add Verdict or Comment

135 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| OBSERVABILITY_CONFIG object| ANALYTICS_CONFIG function| gtag object| eventParams string| statsig_project_id string| experiment_data object| dataLayer function| initCookieConsent object| tml function| trl function| tr function| time function| date function| number_format function| truncate_format function| Rainbow function| ColourGradient object| _gsScope object| Marionette object| start function| mark function| $ function| jQuery function| _ object| Backbone object| Handlebars function| moment function| QRCodeStyling object| NON_MODIFYING_KEY_CODES object| Placeholders object| Humanize object| Papa function| Pusher function| PusherBatchAuthorizer object| GreenSockGlobals object| com function| _gsDefine function| Ease function| Power4 function| Strong function| Quint function| Power3 function| Quart function| Power2 function| Cubic function| Power1 function| Quad function| Power0 function| Linear function| TweenLite function| TweenPlugin object| _gsQueue function| CSSPlugin function| BackOut function| BackIn function| BackInOut object| Back function| SlowMo function| SteppedEase function| RoughEase function| BounceOut function| BounceIn function| BounceInOut object| Bounce function| CircOut function| CircIn function| CircInOut object| Circ function| ElasticOut function| ElasticIn function| ElasticInOut object| Elastic function| ExpoOut function| ExpoIn function| ExpoInOut object| Expo function| SineOut function| SineIn function| SineInOut object| Sine object| EaseLookup function| tinycolor object| paceOptions object| Pace function| uuidv4 function| PasswordStrength object| Routes object| M object| Mighty object| HandlebarsTemplates object| cookieconsent function| confirmedCallback function| rejectedCallback boolean| pastFirstPage object| vttjs function| WebVTT function| videojs function| $f function| Froogaloop undefined| Vimeo function| setImmediate function| clearImmediate undefined| Youtube object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| recaptcha object| closure_lm_267689 object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_

6 Cookies

Domain/Path Name / Value
.mn.co/ Name: _cfuvid
Value: B7jDzx6.AfEskLgtnx0hLV4quKdvc7Nhx41b5tCF2cs-1708332666091-0.0-604800000
wellbeingmatters.mn.co/ Name: cc_banner_level
Value: gdpr
wellbeingmatters.mn.co/ Name: _session_id
Value: 681da1b2347cd4f02fd8fc092a234c16
.mn.co/ Name: __cf_bm
Value: BPZNvVb7YHdIbQzt2y.HrfKZt5RAcGJQX_XtTL1k130-1708332666-1.0-ATxJbNoOoIBTO/fivtvOQ4dqJ63mnGFJc4voS9bQ8luBIFqHXKlZUcG+X3ut/37qa1uFjqxZcsoH5eAcFrcH1ZQ=
.youtube.com/ Name: YSC
Value: ZyDb7K4nA6s
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: ceRcOlHewQo

21 Console Messages

Source Level URL
Text
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.youtube.com/s/player/5683fc5e/www-widgetapi.vflset/www-widgetapi.js(Line 1249)
Message:
Unrecognized feature: 'web-share'.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://wellbeingmatters.mn.co/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' *.mightynetworks.com *.mn.co; child-src 'self' blob: *; connect-src 'self' *.akamaized.net *.amazonaws.com/upload.usersnap.com *.analytics.google.com *.chime.aws *.facebook.com *.google-analytics.com *.googlesyndication.com *.imgix.net *.live-video.net *.kaltura.com *.mightynetworks.com *.mn.co adservice.google.com api.getrewardful.com api.segment.io api.stripe.com api-iam.intercom.io app.brightback.com bat.bing.com capture.trackjs.com cdn.linkedin.oribi.io cdn.segment.com js.stripe.com rum.browser-intake-datadoghq.com session-replay.browser-intake-datadoghq.com sockjs.pusher.com statsigapi.net stats.g.doubleclick.net translate.google.com translate.googleapis.com uploads.intercomcdn.com widget.usersnap.com ws.pusherapp.com www.google.com www.googletagmanager.com logs.browser-intake-datadoghq.com analytics.tiktok.com d8acyc0zqfjzr.cloudfront.net wss:; media-src 'self' blob: data: *; font-src 'self' data: fonts.gstatic.com fonts.intercomcdn.com *.mightynetworks.com *.mn.co; img-src 'self' blob: data: *; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.chime.aws *.capterra.com *.google-analytics.com *.googlesyndication.com *.mightynetworks.com *.mn.co *.usersnap.com ajax.googleapis.com apis.google.com app.brightback.com bat.bing.com cdnjs.cloudflare.com cdn.embedly.com cdn.jsdelivr.net cdn.segment.com cdn.trackjs.com code.highcharts.com connect.facebook.net googleads.g.doubleclick.net js.intercomcdn.com js.stripe.com snap.licdn.com static.ads-twitter.com stats.pusher.com translate.google.com translate.googleapis.com widget.intercom.io www.datadoghq-browser-agent.com www.googletagmanager.com www.google.com www.gstatic.com www.googleadservices.com www.youtube.com analytics.tiktok.com; object-src 'none'; style-src 'self' blob: data: 'unsafe-inline' *.mightynetworks.com *.mn.co cdnjs.cloudflare.com cdn.jsdelivr.net fonts.googleapis.com; report-uri /api/web/v1/analytics/csp_violations
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets1-production-mightynetworks.imgix.net
assets1-production.mightynetworks.com
cdn.mn.co
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
media1-production-mightynetworks.imgix.net
static.doubleclick.net
stats.pusher.com
wellbeingmatters.mn.co
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
108.138.26.75
162.159.128.53
162.159.138.52
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2016
2a00:1450:4001:827::2003
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2001
2a00:1450:4001:830::2004
2a04:4e42::720
44.210.219.229
006075ca8435aa619a3a6885f3d63c6623f827ef97211e4a20b4f640d98e0f8b
03dbe6e75cac701c173566ee72e27639776729977dbcd4be4da881db821b7e03
05ff571d52e746d3b487e0559b07068c9d255a998ab2b487058399b16cb50690
0beb2a8c5f007b7981cf7e0c4d0aead987592ca2c85dda87ebd00666e82faa8c
174d716a4e0e85a76e716f9165898c2d43956baefd770ce91edbe9f8afa1cecc
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20412e1b40a5ed5be45eb71b2ff446e5f83eb7bed2a9e22c27a4e6b1f10dbf79
2f62c876c81d1b6a289ae078e7ece90c2c6d323b6747f5cf6a2cb526c35e5f74
2ff3e5902fbce6e67aedc9722794a565ff9d5330c00418e472b2e0ebd488abfe
37ca6f3935fd2598ee98ca7013ad5f2c3e1f834efb8bbb24f3c4ba9d5d7849ec
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ff01852f6b39dd6146192b4dbd5fc5565175f1703a892f0ea293c76be4b6459
50028e25c435389f59e9958f8f24e91076a7e96bc265726c445398282986f528
52535a880872c1c5273500b7f045580dfffb0fe2a02852223e9e63db92d41cc3
5410f8f1435181982ba551dfa31b63ca183a02ae3ddf0957fc8e21c2ea27ae8f
5a8121c1a3714e017beb2067c89156cb2e48f50af212ec0f474e1c442fa9c84e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5e8c7255c99441c92156a5f1b40520c4fa563b2edf94dc7101d0e33fa7bec3ed
5f3be2e733fdb68177771f8daa72566879598ac172ff15c49324ef5bf210041c
60dc6fa5423fa6fe3fcd4e446f0f0bd5b39180a4e817fb9be36179809a3059fc
61b56c65caf6b75f30bb50625d86eefa30febd19e41a5981e8a1390f4c5aa353
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6d01ca670adc0a3483175d1337065d53d3ccbafea555dca5ba54b7bc1423556b
6e50531e9cb69894ebce963fa50564b52abaf36d415346b081c0c83e7f63ab1c
70558a2c8e7c705fd142fc56878177a8233a1c522a432a556cf5df1710fa203d
7065ea60f0a9ebcb7fb9db5e4ac761a32ded667b09d62131a2299b78abe5a753
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72f397f7382e865be012461683943337899cbd8a4a0e515ef2b32c879f57e21c
7332c9ccfffae762443b654aeb1921713d05a57eb2198b0f5ec7e3f3ee3e2931
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7751cb4b71cd5c3af68c28f6e22f32ffab6d4eb397cb064c5886246733f1be6b
77d13ff1c0b365e27559c13d79ecbd841f2ac464e42007886521e067a2a3c24a
77fa87207b770eb3ff5f0a1a872daa0d7225834540c28fafc6c14506dd69f58d
784f9592efc4ea8d5f010cd6c1c29d7f5b85ef734e6ba8526aaff31bed850c21
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
8235961daad32396eb5aa49f7e79bdc290efc8155c38bf496a521c8c0f00a15e
827cd6ea3d17e447f85fd4d2ec4d3e45c3fe09f9de91d8dbb38e4c79b3869343
88d25b8c03e76364c6c7bbdd74f9686429648ee83a9367ee8347f8ed9e5acb11
911b193555e7206f83e73af68075cc8f9cbb6d505deb8205297f3b31b665be29
ae9e7e6ff08af47b7911ba87cc023490b9e8619b63bbd2ee770320cdde3be744
b68d6800899b033458438b9b7e9ea26820126476e53a7719ffa19ce1870aba8e
c31d28aac3b3220e5103363029ec0ca18fd0c0dfe1fd7f16bbdfa08d61f1707d
c6c568632a8f2855940e5c5f7f2bb25c71c60fa78f6ac14202df2ceac0400b8f
c8bec80019a23251e9a0ff9aa18b3c6dddc3d04110732cb20694b6788aa6e523
c92a59904f3b7e49f5c89669445299f3dd20c2e02e475e91180b239a079d7f79
ce1154eed96b96fe53d9914ccd2967d6c8ab96660a1c63303d50d333c5846702
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d8bf20fba9e8920b05edbed75ede46a103cdeac60cfb038bd7e29ce3275f4727
e30eb44d1bd919de19f5884ded89d326c05c5537aed690c6aac1175dc4aa6179
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60129534022961edff75de8149dbf8120a0053221c80303dddd9d0b1f523a1e
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f73b574d1f2ea3ca1551ec864077fa60535b48e64a20f39930d5bab098181f6c
f87a76ea34b8926c26e666b3dd812a74e6135c9afb16ebfd89442ec6e2df50d4