1ebfkbv53.xyz Open in urlscan Pro
2606:4700:3035::ac43:d621 Public Scan

URL:
http://1ebfkbv53.xyz/
Submission: On November 10 via manual (November 10th 2020, 3:34:59 pm UTC) from US

Summary HTTP 71 Redirects Links 65 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 71 HTTP transactions. The main IP is 2606:4700:3035::ac43:d621, located in United States and belongs to CLOUDFLARENET, US. The main domain is 1ebfkbv53.xyz.

This is the only time 1ebfkbv53.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	2606:4700:303... 2606:4700:3035::ac43:d621	13335 (CLOUDFLAR...) (CLOUDFLARENET)
36	2606:4700:303... 2606:4700:3037::ac43:ae79	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
2	2001:4de0:ac1... 2001:4de0:ac19::1:b:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
9	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.89.51 13.224.89.51	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:2b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2600:9000:219... 2600:9000:2190:a00:1c:8a07:5e80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3031::681c:1346	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	8.34.213.167 8.34.213.167	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:1400:c:abe:f440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:819::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:219... 2600:9000:2190:fa00:c:a9b7:ddc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:81a::200e	15169 (GOOGLE) (GOOGLE)
1	3.121.177.130 3.121.177.130	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:10c... 2a02:26f0:10c:5a4::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
71	22

1 2606:4700:3035::ac43:d621 (United States)

ASN13335 (CLOUDFLARENET, US)

1ebfkbv53.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2606:4700:3037::ac43:ae79 (United States)

ASN13335 (CLOUDFLARENET, US)

autoimmunewellness.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.108.153 (United States)

ASN54113 (FASTLY, US)

necolas.github.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac19::1:b:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:26f0:6c00::210:ba0a (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.89.51 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-51.zrh50.r.cloudfront.net

daks2k3a4ib2z.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:2b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:a00:1c:8a07:5e80:93a1 (United States)

ASN16509 (AMAZON-02, US)

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::681c:1346 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

autoimmune-paleo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.34.213.167 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 167.213.34.8.bc.googleusercontent.com

aiwellness.wpengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:1400:c:abe:f440:93a1 (United States)

ASN16509 (AMAZON-02, US)

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:819::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:fa00:c:a9b7:ddc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.sharethis.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.121.177.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-177-130.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:10c:5a4::19fd (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	autoimmunewellness.com autoimmunewellness.com	14 MB
10	typekit.net use.typekit.net p.typekit.net	167 KB
6	googleapis.com fonts.googleapis.com translate.googleapis.com	95 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	44 KB
3	sharethis.com platform-api.sharethis.com buttons-config.sharethis.com l.sharethis.com	32 KB
2	google-analytics.com 1 redirects www.google-analytics.com	17 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	70 KB
1	doubleclick.net stats.g.doubleclick.net	113 B
1	consensu.org c.sharethis.mgr.consensu.org
1	wpengine.com 1 redirects aiwellness.wpengine.com	124 B
1	autoimmune-paleo.com 1 redirects autoimmune-paleo.com	661 B
1	google.com translate.google.com	2 KB
1	cloudflare.com cdnjs.cloudflare.com	1 KB
1	jquery.com code.jquery.com	33 KB
1	cloudfront.net daks2k3a4ib2z.cloudfront.net	3 KB
1	github.io necolas.github.io	3 KB
1	1ebfkbv53.xyz 1ebfkbv53.xyz	22 KB
71	17

	Domain	Requested by
36	autoimmunewellness.com	1ebfkbv53.xyz autoimmunewellness.com
9	use.typekit.net	1ebfkbv53.xyz
4	translate.googleapis.com	translate.google.com translate.googleapis.com srcdoc
3	www.gstatic.com	1ebfkbv53.xyz translate.googleapis.com
2	www.google-analytics.com	1 redirects 1ebfkbv53.xyz
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	1ebfkbv53.xyz
2	maxcdn.bootstrapcdn.com	1ebfkbv53.xyz maxcdn.bootstrapcdn.com
1	stats.g.doubleclick.net	1ebfkbv53.xyz
1	p.typekit.net	1ebfkbv53.xyz
1	l.sharethis.com	platform-api.sharethis.com
1	c.sharethis.mgr.consensu.org	platform-api.sharethis.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	aiwellness.wpengine.com	1 redirects
1	autoimmune-paleo.com	1 redirects
1	translate.google.com	1ebfkbv53.xyz
1	cdnjs.cloudflare.com	1ebfkbv53.xyz
1	platform-api.sharethis.com	1ebfkbv53.xyz
1	code.jquery.com	1ebfkbv53.xyz
1	daks2k3a4ib2z.cloudfront.net	1ebfkbv53.xyz
1	necolas.github.io	1ebfkbv53.xyz
1	1ebfkbv53.xyz
71	22

This site contains links to these domains. Also see Links.

Domain
autoimmunewellness.com
www.facebook.com
instagram.com
www.pinterest.com
twitter.com
www.youtube.com
translate.google.com
autoimmune-paleo.com
www.amazon.com
aip-batch-cook.teachery.co
www.e-junkie.com
aipcertified.com
rachelpesso.com
alchemyandaim.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-28` - `2021-07-28`	a year	crt.sh
www.github.com DigiCert SHA2 High Assurance Server CA	`2020-05-06` - `2022-04-14`	2 years	crt.sh
sharethis.com Amazon	`2020-08-17` - `2021-09-16`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
sharethis.mgr.consensu.org Amazon	`2020-05-05` - `2021-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2020-10-20` - `2021-01-12`	3 months	crt.sh

This page contains 3 frames:

Primary Page: http://1ebfkbv53.xyz/
Frame ID: 6221C1468328403FBB3F0DAB8013E779
Requests: 70 HTTP requests in this frame

Frame: https://c.sharethis.mgr.consensu.org/portal-v2.html
Frame ID: 3F17A2731623BC3985015F020107545B
Requests: 1 HTTP requests in this frame

Frame: https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: E1DB7A7B4F850C1F92A6A6B9B2A5DBF8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

71
Requests

79 %
HTTPS

83 %
IPv6

17
Domains

22
Subdomains

22
IPs

5
Countries

14987 kB
Transfer

16313 kB
Size

6
Cookies

65 Outgoing links

These are links going to different origins than the main page.

URL: https://autoimmunewellness.com/

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/our-story/
Title: Our Story

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/our-team/
Title: Our Team

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/blog/
Title: Blog

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/category/articles-2/
Title: Features

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/awp/
Title: Our Podcast

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/about-aip/
Title: About AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/history-aip-movement-2011-to-present/
Title: The History of AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/stories-recovery-index/
Title: Stories of Recovery

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/kitchen-tour-index/
Title: AIP Kitchen Tour

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/diversity-aip-index/
Title: Diversity in AIP

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-medical-research/
Title: AIP Medical Research

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/recipes/
Title: Recipes

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/introducing-real-plans-a-customizable-aip-meal-planning-service/
Title: Meal Plans

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/resources/
Title: Resources

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/find-your-aip-community/
Title: Find Your AIP Community

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/crisp-rosemary-garlic-parsnip-fries/
Title: Crisp Rosemary-Garlic Parsnip Fries

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/kelsey/
Title: Kelsey McReynolds

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/crisp-rosemary-garlic-parsnip-fries/#respond
Title: leave a comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/smoked-mussels-tapenade/
Title: Smoked Mussels Tapenade

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/wendi-washington-hunt/
Title: Wendi Washington-Hunt

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/smoked-mussels-tapenade/#comments
Title: 1 comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/mini-bundt-cakes-with-maple-cinnamon-glaze/
Title: Mini Bundt Cakes with Maple-Cinnamon Glaze

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/autoimmunepaleo/
Title: Mickey Trescott

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/mini-bundt-cakes-with-maple-cinnamon-glaze/#comments
Title: 8 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/stephanies-aip-kitchen-how-she-manages-hashimotos-in-minneapolis/
Title: Stephanie’s AIP Kitchen: How She Manages Hashimoto’s in Minneapolis

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/ahaber/
Title: Alaena Haber

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/stephanies-aip-kitchen-how-she-manages-hashimotos-in-minneapolis/#respond
Title: leave a comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-pumpkin-chai-donuts/
Title: AIP Pumpkin Chai Donuts

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-pumpkin-chai-donuts/#comments
Title: 3 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-certified-coach-spotlight-stephanie-papadakis/
Title: AIP Certified Coach Spotlight – Stephanie Papadakis

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/author/grace/
Title: Grace Heerman

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/aip-certified-coach-spotlight-stephanie-papadakis/#respond
Title: leave a comment

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/danas-recovery-from-gluten-ataxia-eosinophilic-esophagitis-and-ibs/
Title: Dana’s Recovery from Gluten Ataxia, Eosinophilic Esophagitis and IBS

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/danas-recovery-from-gluten-ataxia-eosinophilic-esophagitis-and-ibs/#comments
Title: 2 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/hamburger-soup/
Title: Hamburger Soup

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/hamburger-soup/#comments
Title: 4 comments

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/blog/page/2/
Title: < Older

Search URL Search Domain Scan URL

URL: https://www.facebook.com/autoimmunepaleo

Search URL Search Domain Scan URL

URL: https://instagram.com/autoimmunepaleo

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/autoimmunepaleo/

Search URL Search Domain Scan URL

URL: https://twitter.com/autoimmunepaleo

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCYA6ubSj3PwMoxWytNL09tw

Search URL Search Domain Scan URL

URL: https://translate.google.com/
Title: Translate

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/our-story/
Title: LEARN MORE>

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Autoimmune-Wellness-Handbook-Chronic-Illness/dp/1623367298/ref=as_li_ss_tl?ie=UTF8&qid=1468016861&sr=8-3&keywords=mickey+trescott&linkCode=ll1&tag=autoipaleo-20
Title:

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Nutrient-Dense-Kitchen-Autoimmune-Recipes-Healing/dp/0692042024/ref=as_li_ss_tl?ie=UTF8&qid=1549849966&sr=8-1&keywords=mickey+trescott&linkCode=ll1&tag=autoipaleo-20&fbclid=IwAR2MNPXFRkvG29x-DCE41vOaDUuehPqbCyqnHJid-Mt_reeQNxXOAam44VY
Title:

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/0578135213/ref=as_li_ss_tl?ie=UTF8&camp=1789&creative=390957&creativeASIN=0578135213&linkCode=as2&tag=autoipaleo-20
Title:

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/0692342907/ref=as_li_tl?ie=UTF8&camp=1789&creative=390957&creativeASIN=0692342907&linkCode=as2&tag=autoipaleo-20
Title:

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/realplans

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/what-is-aip-the-definitive-guide/

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/awp

Search URL Search Domain Scan URL

URL: https://aip-batch-cook.teachery.co/landing-page

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/category/articles-2/medical-science/

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/nutritional-therapy-association-vs-the-institute-for-integrative-nutrition/

Search URL Search Domain Scan URL

URL: https://www.e-junkie.com/ecom/gb.php?ii=1553056&cl=259920&c=ib&aff=331460

Search URL Search Domain Scan URL

URL: https://www.e-junkie.com/ecom/gb.php?ii=1511337&cl=257360&c=ib&aff=331460

Search URL Search Domain Scan URL

URL: https://aipcertified.com/

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/terms-of-service/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://autoimmunewellness.com/equity-at-autoimmune-wellness/
Title: Equity

Search URL Search Domain Scan URL

URL: https://rachelpesso.com/
Title: RACHEL PESSO

Search URL Search Domain Scan URL

URL: https://alchemyandaim.com/
Title: ALCHEMY+AIM

Search URL Search Domain Scan URL

URL: https://autoimmune-paleo.com/wellness-bundle

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

http://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3 HTTP 307
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3

Request Chain 32

https://autoimmune-paleo.com/wp-content/uploads/2015/11/bundlepopup.jpg HTTP 301
http://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg

Request Chain 33

https://aiwellness.wpengine.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png HTTP 301
http://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png

Request Chain 66

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2123079781&utmhn=1ebfkbv53.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog%20-%20Autoimmune%20Wellness&utmhid=983832431&utmr=-&utmp=%2F&utmht=1605022461564&utmac=UA-39114596-1&utmcc=__utma%3D248197831.778488997.1605022462.1605022462.1605022462.1%3B%2B__utmz%3D248197831.1605022462.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1993274333&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 307
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2123079781&utmhn=1ebfkbv53.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog%20-%20Autoimmune%20Wellness&utmhid=983832431&utmr=-&utmp=%2F&utmht=1605022461564&utmac=UA-39114596-1&utmcc=__utma%3D248197831.778488997.1605022462.1605022462.1605022462.1%3B%2B__utmz%3D248197831.1605022462.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1993274333&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=778488997.1605022462&jid=1993274333&_v=5.7.2&z=2123079781

71 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set / Show response
1ebfkbv53.xyz/ 85 KB
22 KB 634ms
615ms Document
text/html 2606:4700:3035::ac43:d621
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3035::ac43:d621 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e499a19647c054cb61f4e3a5290f041cb057ba2a48a362ce79db007d09c14560

Request headers

Host: 1ebfkbv53.xyz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __cfduid=de7994b78ec0c9483c3b7e2ee185802b01605022459; expires=Thu, 10-Dec-20 15:34:19 GMT; path=/; domain=.1ebfkbv53.xyz; HttpOnly; SameSite=Lax
Vary: Accept-Encoding
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
CF-Cache-Status: DYNAMIC
cf-request-id: 0654643f43000016ee299d0000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hzHRyeXF6OJ01xaIqNWiClEVuf%2FMLhFviFDJEKzJtN89mFeb7SkA0YNgBE%2FZdMCPb4coKzYtIuBkzq6Ko4ZHfaWzR2z6g2rwucy61D07Ec%2F1obfKDnqAgNfB"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 5f00d6453bf716ee-FRA
Content-Encoding: gzip

GET
H2 200 autoptimize_2b19a8b06ce2d32a38f735474d78c557.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 61 KB
14 KB 60ms
22ms Stylesheet
text/css 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_2b19a8b06ce2d32a38f735474d78c557.css
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7bf9f0a3979ff1eecc80fbb62abb7e3071a344c194e39d7b06362bdda7ca0628

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 438003
status: 200
cf-request-id: 06546441d600002bdd150d4000000001
last-modified: Tue, 20 Oct 2020 16:54:19 GMT
server: cloudflare
etag: W/"5f8f163b-f593"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JjP9mIvb9rHilEv%2Bh4tp1LhvnpBl6YyIMlP6gwR%2BTp3gX09HG6m09gmlEb2V9syzzzrheAJXc228fc7SLmTuxyehQJjZpL%2FyhWfTwov3U6rB2RRNKfw%2Bf4AWu4th2RbP0rG5"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d6495e2e2bdd-FRA

GET
H2 200 autoptimize_4e8e9c0cf30aebca1cd8df4c3a8a6716.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 784 KB
177 KB 67ms
30ms Stylesheet
text/css 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_4e8e9c0cf30aebca1cd8df4c3a8a6716.css
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ceee6ca5f32859aef616ddc7c74a67e1e7887c23132f3d9a8a61479c068d21b

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 79512
status: 200
cf-request-id: 06546441d600002bdd54ac7000000001
last-modified: Mon, 26 Oct 2020 15:22:25 GMT
server: cloudflare
etag: W/"5f96e9b1-c3e2d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8XcLClmKpH7Ngf8oSwH7dD7F5QS2om%2BKTZuzAr8CftUet315zlNPO5DKsq85vZCagLow6cDfIe0oTT%2BT11z8d1xZd9aRus3JL%2Fr%2BZJa2hrGG1ldmbhppv9HNMlGrC0yqL%2FPG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d6495e312bdd-FRA

GET
H2 200 normalize.css
necolas.github.io/normalize.css/3.0.2/ 8 KB
3 KB 139ms
44ms Stylesheet
text/css 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://necolas.github.io/normalize.css/3.0.2/normalize.css
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fastly-request-id: b13382506beb9bfc2ce054837994b6745ee63a8b
date: Tue, 10 Nov 2020 15:34:20 GMT
content-encoding: gzip
age: 41
x-cache: HIT
status: 200
content-length: 2605
x-served-by: cache-hhn4054-HHN
access-control-allow-origin: *
last-modified: Mon, 05 Nov 2018 02:35:30 GMT
server: GitHub.com
x-github-request-id: A598:255D:3DF1BB6:4134B38:5FA9D845
x-timer: S1605022460.449095,VS0,VE1
etag: W/"5bdfac72-1e76"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
via: 1.1 varnish
expires: Mon, 09 Nov 2020 23:59:05 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H/1.1 200
OK font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 16ms
7ms Stylesheet
text/css 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:35:19 GMT
ETag: "1544639719"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 6079

GET
H/1.1 200
OK css
fonts.googleapis.com/ 10 KB
1 KB 19ms
15ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,400italic,600,600italic,700,700italic,100italic,100

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

12ec71081ec22ec045f64cdaa02089cfc01535c3d5a8ea3622c31e9d3e3d8a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 15:34:20 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 10 Nov 2020 15:34:20 GMT

GET
H/1.1 200
OK css
fonts.googleapis.com/ 6 KB
1 KB 24ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Old+Standard+TT:400,400italic,700

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d19043a1430ed76e3a4baf571733875a2d5049d785878c92264babdd8a223e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:20 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 10 Nov 2020 15:34:20 GMT
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Transfer-Encoding: chunked
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
X-XSS-Protection: 0
Expires: Tue, 10 Nov 2020 15:34:20 GMT

GET
H/1.1 200
OK ytn8dbr.js Show response
use.typekit.net/ 19 KB
7 KB 140ms
130ms Script
text/javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

http://use.typekit.net/ytn8dbr.js

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

HTTP/1.1

Server

2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx /

Resource Hash

e2ee4019fa857c07db1f291291686630b3328ae5e0cae8f9b79473d78902f80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains;
Content-Encoding: gzip
Server: nginx
Date: Tue, 10 Nov 2020 15:34:20 GMT
Vary: Accept-Encoding
Content-Type: text/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=600, stale-while-revalidate=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 6979

GET
H/1.1 200
OK modernizr-2.7.1.js Show response
daks2k3a4ib2z.cloudfront.net/0globals/ 5 KB
3 KB 130ms
103ms Script
application/javascript 13.224.89.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://daks2k3a4ib2z.cloudfront.net/0globals/modernizr-2.7.1.js
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 13.224.89.51 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-51.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 10 Sep 2020 09:55:58 GMT
Content-Encoding: gzip
Age: 5290703
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 11 Jun 2014 19:22:53 GMT
Server: AmazonS3
ETag: W/"a89f4997162bf61e019b926e08682bdf"
Vary: Accept-Encoding
x-amz-version-id: null
Via: 1.1 9349ae4f82564896b96f5303b030d189.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000, must-revalidate
X-Amz-Cf-Pop: ZRH50-C1
Content-Type: application/javascript
X-Amz-Cf-Id: rom4-oErVkFAvLxskAcRs1xMLqDfpDregUoRKn5zRyt8lhJvQFV9GQ==

GET
H/1.1 200
OK jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 17ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:2b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: http://code.jquery.com/jquery-latest.min.js
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2001:4de0:ac19::1:b:2b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:20 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:08 GMT
Server: nginx
ETag: "54499a48-1762a"
Vary: Accept-Encoding
X-HW: 1605022460.dop205.fr8.t,1605022460.cds280.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33202

GET
H2 200 /
autoimmunewellness.com/ 1 KB
864 B 698ms
663ms Stylesheet
text/css 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/?mcsf_action=main_css&ver=5.5.3

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

4a1f1fbd7cae138f690aec083e31e485cfeaab806591228c6dd6ebe71ae982e8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
cf-cache-status: DYNAMIC
x-cacheable: CacheAlways: hours
x-powered-by: WP Engine
x-cache: HIT: 160
status: 200
cf-request-id: 06546441d600002bdd7b89b000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xAGLPc1RcMyphqDZNPy8pq1y8J0QNJN22zKvmZl7yaSe%2BX%2BVdDz2SuQa049hbZ8Ers8g2xrFKy69fd1OYVtYKTSjqfmpfqY262E0G3%2BVpDQBBIIKJBuDRiD%2Fs3oL%2BaUwXG%2Fe"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=3600, must-revalidate
content-security-policy: upgrade-insecure-requests
cf-ray: 5f00d6495e332bdd-FRA

GET
H2 200 /
autoimmunewellness.com/ 408 B
795 B 758ms
723ms Stylesheet
text/css 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://autoimmunewellness.com/?sccss=1&ver=5.5.3

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / WP Engine

Resource Hash

b073240c6c0e2a4ea4744ae67de5abc897980a148561572177383b1b3828b1e7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
content-encoding: br
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
cf-cache-status: DYNAMIC
x-cacheable: SHORT
x-powered-by: WP Engine
x-cache: HIT: 25
status: 200
cf-request-id: 06546441d600002bdd518cc000000001
x-cache-group: normal
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9AH4NeU6nShu2KizT0kpiaByqS7gt%2F1sSf78vEM9IdBT2BjJ%2BTqNyT008ht9SpNquDw8i5ZlfYC%2BDytdxmnEQe8OmzEfyXyDVJX3i%2BGMvI8HSY%2BPA65UAERr215bxC2BgqUo"}],"group":"cf-nel","max_age":604800}
content-type: text/css;charset=UTF-8
cache-control: max-age=600, must-revalidate
content-security-policy: upgrade-insecure-requests
cf-ray: 5f00d6495e352bdd-FRA

GET
H2 200 jquery.js Show response
autoimmunewellness.com/wp-includes/js/jquery/ 95 KB
32 KB 63ms
28ms Script
application/javascript 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:20 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 529607
status: 200
cf-request-id: 06546441d600002bdd27008000000001
last-modified: Fri, 17 May 2019 04:25:54 GMT
server: cloudflare
etag: W/"5cde37d2-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GlEKwvgDJ4IfvQKOpzc2QzW0eDdGKr%2FHxMwfMrFPVieGgfaF6PWJVMHu%2Fo0w3wPMXfYjjX7SP8p96gUaJbplEK7HveFj%2FKaEGGDH49D4u1ZuYV4gCfEnkjSSsEogZYipKRb5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d6495e362bdd-FRA

GET
H/1.1 200
OK sharethis.js Show response
platform-api.sharethis.com/js/ 99 KB
31 KB 29ms
13ms Script
text/javascript 2600:9000:2190:a00:1c:8a07:5e80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://platform-api.sharethis.com/js/sharethis.js
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2600:9000:2190:a00:1c:8a07:5e80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ca435c33acbc343c9a3db08401ea0b95c724474a8deea44bb6cce17b005739a9

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:30:38 GMT
Content-Encoding: gzip
Connection: keep-alive
Age: 222
ETag: W/"18c2e-6rpOsMxFDVyDuEwBnEXQU9fd1Kk"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript; charset=utf-8
Via: 1.1 7245e91891539560c1f484b1e46159c9.cloudfront.net (CloudFront)
Edge-control: cache-maxage=60m,downstream-ttl=60m
Cache-Control: max-age=600, public
Transfer-Encoding: chunked
X-Amz-Cf-Pop: ZRH50-C1
X-Amz-Cf-Id: jewqoiMhbOpVdIWtRo2dtppBGCDbwL4_2iUMqw72upgAaSWROhSnEQ==

GET
H2

200

jquery.easing.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/
Redirect Chain

http://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3

2 KB
1 KB

11ms
11ms

Script
application/javascript

2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 132966
x-via: cfworker/kv
status: 200
content-length: 747
cf-request-id: 06546441b600000601610d4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
etag: "5eb03ec1-9e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=j0pU9bhJRDs0IBIt0fCqR1tKj2Z0uimk4kgK4fcIuF1Jc8s%2Fl3FRv33z0ofBMJWs%2FioKZNprnkl7qQa5H6logrK77oFP1uND7TUQI%2B59bU73F8mcfSWVLf855dl6SeQJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 5f00d6492f1e0601-FRA
expires: Sun, 31 Oct 2021 15:34:20 GMT

Redirect headers

Location: https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js?ver=5.5.3
Non-Authoritative-Reason: HSTS

GET
H2 200 Final-Logo_Update_BLK.png
autoimmunewellness.com/wp-content/uploads/2016/12/ 33 KB
33 KB 12ms
12ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2016/12/Final-Logo_Update_BLK.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6de6e74db1db45d1110878298ced42790e9e8fb43d40a7748f12f7ae91b802

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106039
status: 200
content-length: 33772
cf-request-id: 065464449e00002bdd57102000000001
last-modified: Tue, 10 Jan 2017 21:46:57 GMT
server: cloudflare
etag: "58755651-83ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ch12altYhXYskEpw5puEjDkE2RRkGcWZ4Oqh5co%2BWxlLQwhBJ%2F99xLe1zz%2BuSkNeoaMfsB5g2zoF8NUjml2ZB4cPRt%2FJBa%2BmCVXZbZcCLMMlo7uAVa%2BfMcZat6FqKkuWc98%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64dca322bdd-FRA

GET
H/1.1 200
OK en.png
autoimmunewellness.com/wp-content/plugins/gtranslate/flags/24/ 2 KB
3 KB 24ms
18ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://autoimmunewellness.com/wp-content/plugins/gtranslate/flags/24/en.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:21 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 357673
Connection: keep-alive
Content-Length: 1767
cf-request-id: 06546444b000000742a1231000000001
Last-Modified: Tue, 13 Oct 2020 20:21:23 GMT
Server: cloudflare
ETag: "5f860c43-6e7"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u5%2BzZJ2z8QHjCRv2YDtSmUXS8HqYpXLxUzD8eB0DQW3oE88opJdo8xzOfpM5QbUnHoS1DNUvFzOyp%2FuD0gn3QVIzzuBWWXvEjKysBxsIf6il1AQK1p3YDvs7vEDVNoNiXtzD"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 5f00d64deb680742-FRA

GET
H/1.1 200
OK element.js Show response
translate.google.com/translate_a/ 4 KB
2 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

2b7809a32583857af19a25752bdcf42abde5613f791c6388c49a69696458657d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 Nov 2020 15:34:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: HTTP server (unknown)
Content-Language: en
Cache-Control: no-cache, must-revalidate
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 1883
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 siebar.jpg
autoimmunewellness.com/wp-content/uploads/2017/12/ 54 KB
55 KB 16ms
15ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2017/12/siebar.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 857e95f5d003bd04be798e18b5a83268cbffb657badfd6701627a516a9540ecb

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 437478
status: 200
content-length: 55749
cf-request-id: 06546444ad00002bddfa91e000000001
last-modified: Sat, 02 Dec 2017 00:45:44 GMT
server: cloudflare
etag: "5a21f7b8-d9c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3BERdxSOifzdZQjgVP%2Bn8i66IFPGDT13hbKcLLtPC2tZ9VkyI8mQs4n5DyFpfHoFLVVCNTZ32LUg6QRISX2wOO18eCx8BM6%2FDFmjeQfJ7KQpsojXiDwwSPRnlBb9ZnSlV5vp"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64dda792bdd-FRA

GET
H2 200 NDK_Cover.jpg
autoimmunewellness.com/wp-content/uploads/2018/11/ 832 KB
833 KB 17ms
11ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/11/NDK_Cover.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ebbdf8eb5c3a5d4fc0ae6905d3412fb12025834bb526eb121d68407fae7536b

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203871
status: 200
content-length: 851636
cf-request-id: 06546444c500002bdd1638b000000001
last-modified: Fri, 09 Nov 2018 19:45:52 GMT
server: cloudflare
etag: "5be5e3f0-cfeb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=1NhtJn1N%2BgcnvDWtYJGvQ93spjinMvtnEnQ6pq3cOtsOpmID6WXsOISmKlLLTU%2FsBXJ2U41NXKUCpLx01K9SSux4v%2F17rrzZuAUtSWdike%2BT52FIQ%2FkjtLRZvnMBnFcGF1hY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0acf2bdd-FRA

GET
H2 200 Cover-OnlineVersion_NEW.jpg
autoimmunewellness.com/wp-content/uploads/2015/09/ 208 KB
208 KB 19ms
13ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2015/09/Cover-OnlineVersion_NEW.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 661a4243cf5ff51e76b35e0e50bf5581fca425ba99c946aae662e30fc760c0b8

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 185410
status: 200
content-length: 212750
cf-request-id: 06546444c500002bdd603d4000000001
last-modified: Tue, 10 Jan 2017 21:41:45 GMT
server: cloudflare
etag: "58755519-33f0e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=52o8LT0OVFHf2c4NT9I%2BHjJjNvGY65XFndR0SyF%2B9xebdmwwRIHf%2FhLemNd7UjJ1rrzlhblbqey8GjO6zHwWscKaCvwfEMKdbOzDISJbE8b4IqfglqEEdQKcer9mCpFUTTjY"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ad12bdd-FRA

GET
H2 200 AltAutoCover.jpg
autoimmunewellness.com/wp-content/uploads/2015/09/ 371 KB
372 KB 28ms
22ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2015/09/AltAutoCover.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9acf00c01f8535551392962ecbee26bd6008385720c006def6399c6a09beaa6c

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 187016
status: 200
content-length: 380269
cf-request-id: 06546444c500002bdd7b8e9000000001
last-modified: Tue, 10 Jan 2017 21:41:45 GMT
server: cloudflare
etag: "58755519-5cd6d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6EnWjFgpcvIhtjF6j6XWW%2Fk1gNhum3Ee0Crc7q%2FYB4g19jce46m1%2Fxn8g6Z5764VWlBzV0yBJz%2FGnqh6QolFqPe2nv8SBaiGkEZJ2XjWRKpWs9gPHyVE3z0R22voWzfRr3q2"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ad32bdd-FRA

GET
H2 200 AWH-Cover1.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 770 KB
771 KB 36ms
30ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/06/AWH-Cover1.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4497d0c3c70278eb9e9a2bafd2dcbb30d0da5a89ed74099456202b2ee39e994c

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 185448
status: 200
content-length: 788295
cf-request-id: 06546444c500002bddfa3ff000000001
last-modified: Mon, 04 Jun 2018 01:03:48 GMT
server: cloudflare
etag: "5b148ff4-c0747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FNBSU4uScpgyGw2%2BRLnjgUOUCqbKSnNK4l%2F179rJmYsGc1s2oiMVsl7N%2F4GN%2BIvoqf%2FQ1yAu%2BtUegq7n6Pra8t56iZ%2FJVUtXHlDLtEFVePP46%2B2x4%2Bim6fEdvlGyj8SWzEyO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ad52bdd-FRA

GET
H2 200 what-is-aip-sqaure.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 251 KB
251 KB 24ms
19ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/06/what-is-aip-sqaure.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 15fe0ea1dfa766a7e26466acf5f0017f889b13b7e0f3f8cb9cc90e2e5c3c482f

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 591425
status: 200
content-length: 256618
cf-request-id: 06546444c600002bdd683cf000000001
last-modified: Thu, 07 Jun 2018 21:28:25 GMT
server: cloudflare
etag: "5b19a379-3ea6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RShPnsPVkoD3vhq49pSNwarEHyHKyzpoMNykj0Nkcw436Kqv4lPwE6oqAXHmLAMM9qxQwB%2ByOH8HSc2t9wIZ6wWRsJv5VlEoQRblMyDOTFG9cNnR%2F0LZkHmL3xW2Pxz5GqOl"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ad72bdd-FRA

GET
H2 200 AWPCover.jpg
autoimmunewellness.com/wp-content/uploads/2016/10/ 151 KB
151 KB 54ms
49ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2016/10/AWPCover.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2171cb99fa0b38c1c427abe85c66025906ed6a0602b4ced85d10802f415714c

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 454660
status: 200
content-length: 154169
cf-request-id: 06546444c600002bdd54b1c000000001
last-modified: Tue, 10 Jan 2017 21:46:57 GMT
server: cloudflare
etag: "58755651-25a39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RA7uZk6dQ25qRjxgfC%2F8E8NYzWy10hHdkCr48XHvqdsnKMe9xGsc%2BbD6BZN53h65Fi5Hav1IzZx%2BnOP0UNX7jpZgJ6neo%2BtqtqLgH9VZ6h6Ka0APbBQTxP3qWAHJXKAq1D2U"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ad82bdd-FRA

GET
H2 200 AIPBCSidebar-2.jpg
autoimmunewellness.com/wp-content/uploads/2018/05/ 89 KB
90 KB 25ms
20ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/05/AIPBCSidebar-2.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8efe93d54b76bd3177e461f528e5f4308d0eef87d05e45e469f8430fe4031c93

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 361753
status: 200
content-length: 91250
cf-request-id: 06546444c600002bdd4ebaa000000001
last-modified: Fri, 25 May 2018 20:22:30 GMT
server: cloudflare
etag: "5b087086-16472"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4zI8oe5KtpVvK%2FOuHk91mHKp9dJv%2F84gt3xXMW9KmqUmyuui95hwcIqvDQ2QO5FOxALy5vBa3UjWK7skp4CcrfxFlTZCSs5E0VfKktDZ8kAaYA0rI9B7RGT0LzooPqByCSUx"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0adc2bdd-FRA

GET
H2 200 resources-sidebar.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 35 KB
36 KB 22ms
18ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/06/resources-sidebar.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be46e53117144f19f998cc38886635ece607ee47f32880b6f91a50d2e9c68124

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 106039
status: 200
content-length: 36305
cf-request-id: 06546444c600002bdd2a984000000001
last-modified: Mon, 04 Jun 2018 00:53:06 GMT
server: cloudflare
etag: "5b148d72-8dd1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=BbkSVjUn3Jedg3hPxtQGlyyqwteSHJcrg6ntlblsughTqwM5NPYi8y2b5CbIdqN1i6%2B440ehi4AcCPYOiaK95HPEmDSrevkCiRd9F4cS7LoPZOrlMhsN5D1NL48VBXA9kIGO"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0adf2bdd-FRA

GET
H2 200 medical-studies-sidebar.jpg
autoimmunewellness.com/wp-content/uploads/2019/08/ 287 KB
288 KB 23ms
18ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2019/08/medical-studies-sidebar.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f66213216d83c3325b395ec7fb537d56e02afffa733b14f28f431ab04f7f681

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 591424
status: 200
content-length: 293897
cf-request-id: 06546444c700002bddfd1b4000000001
last-modified: Fri, 30 Aug 2019 23:27:52 GMT
server: cloudflare
etag: "5d69b0f8-47c09"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y5JWdRTHPMzQy%2BnfPw3CH0rZBr4I0llIZIrMDLsYPOalmc9ST3ks1zPG1Q2V0x4%2BuB57t5e%2Fp%2BQC%2Be5AckXFXriuJArYulIYF9DIS2e3MZK5%2BpYsm9NmH9mXAQlPnkCgQPgD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae02bdd-FRA

GET
H2 200 nta-sidebar-2.jpg
autoimmunewellness.com/wp-content/uploads/2017/12/ 501 KB
502 KB 23ms
19ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2017/12/nta-sidebar-2.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf1f68ac3c6cc1eaa679245fcf1eb2014f7ced8223c6d1800d0446c80ef9d10

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 200578
status: 200
content-length: 512640
cf-request-id: 06546444c700002bdd1c366000000001
last-modified: Sat, 30 Dec 2017 08:03:25 GMT
server: cloudflare
etag: "5a47484d-7d280"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ReRVdtm5PXZHBS06jZZI8jNXYrITNbeawkIrhxx5X4RwFj7m9Mm6Z6QRFRAqcc4N6ajtiHLAIqxhFSr0s5dYpRiQQmInZdmudnq06BZmTDbpUuCG7ctj1kBGT15WsYgGUCKm"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae12bdd-FRA

GET
H2 200 Copy-of-FreezerCover_300.jpg
autoimmunewellness.com/wp-content/uploads/2017/10/ 7 MB
7 MB 22ms
18ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2017/10/Copy-of-FreezerCover_300.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb4ce77b79f50cd1ca072086ea2dffbb1077de4922232bc7ad1f72ae12b8cb67

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203869
status: 200
content-length: 7513304
cf-request-id: 06546444c700002bdd5a896000000001
last-modified: Mon, 02 Oct 2017 01:56:47 GMT
server: cloudflare
etag: "59d19cdf-72a4d8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y8iqwYE0zlgspQLaXe5sbF5AGQw6XoA3uE6UiZt%2B3g6zCB%2FRYyRE0EgXooyBHXhmSYwLrLe%2BxMqXnVgnbX%2FS7EhrBTtEWfyYV5UkIe5h%2FCZ%2FI%2F2Q8r6IOwwC0eqT1LFF6mCU"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae22bdd-FRA

GET
H2 200 ip-cookbook-cover.jpg
autoimmunewellness.com/wp-content/uploads/2017/01/ 445 KB
446 KB 23ms
19ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2017/01/ip-cookbook-cover.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4fcc74ecab8ed24dd9de68c0adc45b08c0b6f5105f8e2bf35b1dcbcb93b9ae2

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 120742
status: 200
content-length: 456136
cf-request-id: 06546444c700002bdd0c314000000001
last-modified: Tue, 10 Jan 2017 21:39:13 GMT
server: cloudflare
etag: "58755481-6f5c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o5u1F5%2F5aX1z8KlIB2aQ9kbQBCUr6c6%2ByUV1vUdEXPtTjlUuJTYXYFhp5GkXgd69cxnQOXzRmvAUz8wfFhkw1bOu11vUXXABKDVqAhtpNdQIkEqpsEXl6TEuW0P1CMnWEGmD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae32bdd-FRA

GET
H2 200 ingredients_preview-1.jpg
autoimmunewellness.com/wp-content/uploads/2018/06/ 395 KB
396 KB 24ms
20ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/06/ingredients_preview-1.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dee9eb50d5d1614e2d524152d8557029d4587881bdd706512732713ce4caa7cd

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 203868
status: 200
content-length: 404373
cf-request-id: 06546444c700002bdd6a22d000000001
last-modified: Sat, 16 Jun 2018 00:47:36 GMT
server: cloudflare
etag: "5b245e28-62b95"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0GXbtUWs9w5f0yi3lhZRZJVOBXaR5mZlewUsD7krePx9Ja%2B46mdPzdgEvMd7ckbupF4wXarISdDh82Sb99obGrQoY3c%2B%2FnTgMo914SfnN9fqoNJ8rC%2FvVFh57SO%2Fc31HJWAD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae42bdd-FRA

GET
H2 200 close-icon.png
autoimmunewellness.com/wp-content/plugins/itro-popup/images/ 7 KB
8 KB 24ms
20ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/plugins/itro-popup/images/close-icon.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47bd3866d67c6470ff420960ca0a2a44ce66ec8c88271b7cf99600529376b56c

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 544871
status: 200
content-length: 7553
cf-request-id: 06546444c700002bdd6f978000000001
last-modified: Wed, 20 May 2020 13:30:29 GMT
server: cloudflare
etag: "5ec530f5-1d81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Yyjo5BnoAxnNKAyxVp5DhcA21z0B2AVOjbtj4g%2BA8yOAkcaJNM65f1Dhh4jVSnOJXxhmSidwFwa5d6RMrASbdnMqJgEKOWPdMuzrkDnlm8n6Q9qFinGxm6TKy8w2nN8OSXI4"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae52bdd-FRA

GET
H/1.1

200
OK

bundlepopup.jpg
autoimmunewellness.com/wp-content/uploads/2015/11/
Redirect Chain

https://autoimmune-paleo.com/wp-content/uploads/2015/11/bundlepopup.jpg
http://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg

149 KB
150 KB

21ms
20ms

Image
image/jpeg

2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d850cadc389cddf7db20085f5612d9b09bf590126117283f284ecaa5f2dc8543

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:21 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 357669
Connection: keep-alive
Content-Length: 152888
cf-request-id: 06546446870000074262294000000001
Last-Modified: Tue, 10 Jan 2017 21:44:21 GMT
Server: cloudflare
ETag: "587555b5-25538"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ClJPjly9cP2U%2Fgv%2Fwz983CESpQppBsb9V%2FdPjVQOnUUh5YUMRIegWRNUd2nYLXOzXa73mKxfqGzOo9uHEX%2BGZINWrsvpHJyKUmx2w5jwja%2Bd3OP1hA9JuM6iYix79ljGm26%2B"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 5f00d650dad60742-FRA

Redirect headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
status: 301
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PwFoU4%2BrHcbxmy2B3SJw0n%2FLf4q9W34ikAAB6xXdlcZMI7%2FokqUdARUQwmpM78q9nyUOcuAT2JcqkY37tntTEuzLQsT1A%2FuTI7A%2ButksB2Oy%2FD7FWf%2BeN%2FE4qYMtERzx9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: http://autoimmunewellness.com/wp-content/uploads/2015/11/bundlepopup.jpg
cache-control: max-age=14400
cf-ray: 5f00d64e3b981756-FRA
cf-request-id: 06546444e30000175667071000000001

GET
H/1.1

200
OK

Final-Logo_Update_BLK_short.png
autoimmunewellness.com/wp-content/uploads/2017/01/
Redirect Chain

https://aiwellness.wpengine.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png
http://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png

19 KB
20 KB

22ms
22ms

Image
image/png

2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: HTTP/1.1
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99cbf8461e06bcc64daaaba6ff5a06ac695e03b10687151091966afaccff6dd7

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:21 GMT
CF-Cache-Status: HIT
NEL: {"report_to":"cf-nel","max_age":604800}
Age: 306942
Connection: keep-alive
Content-Length: 19869
cf-request-id: 06546447c40000074270a70000000001
Last-Modified: Fri, 23 Aug 2019 20:31:03 GMT
Server: cloudflare
ETag: "5d604d07-4d9d"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9TuiTRMGWZNqIoZmcYYPXSHmlIihT1XQ6E8Wn0OW9I%2FTswmS0Ao6mQdLyUE5UlgXr98oH6tsWJxTGvc82ZAAdN0T%2BJBh0TMIf1tFOmFMmN5nCVmDvVjAQ%2BDTjS5XE%2Ff4PUk7"}],"group":"cf-nel","max_age":604800}
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
CF-RAY: 5f00d652df690742-FRA

Redirect headers

status: 301
date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
content-length: 162
location: http://autoimmunewellness.com/wp-content/uploads/2017/01/Final-Logo_Update_BLK_short.png
content-type: text/html

GET
H2 200 autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css
autoimmunewellness.com/wp-content/cache/autoptimize/css/ 4 KB
1 KB 20ms
20ms Stylesheet
text/css 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=5.5.3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7417c5da0a35da8defb2434923e89cf1fa5f64f23c7d6c19818e77881d428c94

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290407
status: 200
cf-request-id: 065464448800002bdd4eba6000000001
last-modified: Tue, 20 Oct 2020 16:54:17 GMT
server: cloudflare
etag: W/"5f8f1639-fb9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=13767xCEA8CtmVr9XLp1ePrGdF%2BYgZD9Ubb6HZZQVBl342va11mbPnumQXX79Pul90j7iLfCj4mqw5Cf4a5PdO32A5ljRm0Tz7b8HzxgD3aX%2BrvrTQvvqODCk4Vh24G8ED7S"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d64da9cd2bdd-FRA

GET
H2 200 autoptimize_dac68f98ce38f04afb7ae3960dafedce.js Show response
autoimmunewellness.com/wp-content/cache/autoptimize/js/ 254 KB
70 KB 33ms
30ms Script
application/javascript 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/js/autoptimize_dac68f98ce38f04afb7ae3960dafedce.js
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25e37bf710fa73d535d27ace02b05351910bf79f250db98545b68179857ce62a

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 357668
status: 200
cf-request-id: 06546444c800002bdd72163000000001
last-modified: Mon, 26 Oct 2020 15:22:25 GMT
server: cloudflare
etag: W/"5f96e9b1-3f85d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=T3iKXHj7zH%2BFOX01dkxsKuTmqZ8ABdUpaQzeuVmsGd7bmtKWOnJsh%2BC508XsunE2Unjz0lWUJvgslWYYqfSkx0pgDeXokvjflnbp0HMHaHTf8PRCb13LhZ5FjO9gWZ54AjBf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d64e0ae72bdd-FRA

GET
H2 200 wp-emoji-release.min.js Show response
autoimmunewellness.com/wp-includes/js/ 14 KB
5 KB 25ms
23ms Script
application/javascript 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://autoimmunewellness.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 441811
status: 200
cf-request-id: 06546444c900002bdd3190c000000001
last-modified: Tue, 11 Aug 2020 19:00:40 GMT
server: cloudflare
etag: W/"5f32ead8-37a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RxnYjXazfjLM1CE1IrtachIxXK%2FASGOC8kmWsbVSfYNbmUUxvJQ2Et6jEwvX2qQoIhAAE%2FDXrN2A3%2BjOtuS5pJNrJEZIj7Gpi8nLv9JWZWOfr0z9ladO6yFLotpMrSt6reSa"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 5f00d64e0ae82bdd-FRA

GET
H2 200 58a5f69a8cfe7d0011262a6d.js Show response
buttons-config.sharethis.com/js/ 30 B
370 B 452ms
417ms Script
text/javascript 2600:9000:20eb:1400:c:abe:f440:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://buttons-config.sharethis.com/js/58a5f69a8cfe7d0011262a6d.js
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:1400:c:abe:f440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:22 GMT
via: 1.1 8002c303d4f2295f77566a349deba122.cloudfront.net (CloudFront)
last-modified: Thu, 16 Feb 2017 18:59:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "e6e1643313740711175f51662a65b42f"
x-cache: RefreshHit from cloudfront
content-type: text/javascript
status: 200
cache-control: max-age=60,public
accept-ranges: bytes
content-length: 30
x-amz-cf-id: k6nqS7MJsHkzaQgxZu0W0PEOFFpl8s-gV6lID1yspbGDkzf7QN1q-Q==

GET
H2 200 TheBlog2.jpg
autoimmunewellness.com/wp-content/uploads/2017/03/ 1 MB
1 MB 22ms
21ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2017/03/TheBlog2.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56743fb13c30a99e8674206ba266611a9ca40cd3b527b7ab459ed97d25fe4845

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10331
status: 200
content-length: 1101897
cf-request-id: 06546444c800002bdd49895000000001
last-modified: Mon, 13 Mar 2017 15:10:13 GMT
server: cloudflare
etag: "58c6b655-10d049"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wayn%2FkrUTyWCj57yp5pkO5Zgfpm8JP2saRdfLYm3fXy3ieBtt5OATqQRjxKq8VO26W5MO9QlNR6NVLX99osjMqqgWX4l180nwJ866VIaIvYlJVj7Ipvrl8guLY7lb%2BBN5sjG"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64e0ae92bdd-FRA

GET
DATA 200
OK truncated
/ 270 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK MwQubh3o1vLImiwAVvYawgcf2eVeqlq4ZnRSZw.woff2
fonts.gstatic.com/s/oldstandardtt/v13/ 13 KB
13 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/oldstandardtt/v13/MwQubh3o1vLImiwAVvYawgcf2eVeqlq4ZnRSZw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Old+Standard+TT:400,400italic,700

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1f69cb631d1cc88e311ffc95a814d46912207429182be7ce21fdfab5292bc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://fonts.googleapis.com/css?family=Old+Standard+TT:400,400italic,700
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 11:43:53 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 01 Sep 2020 03:46:53 GMT
Server: sffe
Age: 186628
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 13168
X-XSS-Protection: 0
Expires: Mon, 08 Nov 2021 11:43:53 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 15ms
9ms Font
font/woff2 2001:4de0:ac19::1:b:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css

Protocol

HTTP/1.1

Server

2001:4de0:ac19::1:b:2a , Netherlands, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Resource Hash

3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:21 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 12 Dec 2018 18:36:18 GMT
ETag: "1544639778"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: font/woff2
Access-Control-Allow-Origin: *
cache-control: public, max-age=31536000
Cross-Origin-Resource-Policy: cross-origin
Connection: Keep-Alive
Accept-Ranges: bytes
timing-allow-origin: *
Content-Length: 64470

GET
H2 200 Parsnip-Fries-680X450-529x350.png
autoimmunewellness.com/wp-content/uploads/2020/11/ 348 KB
349 KB 19ms
17ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2020/11/Parsnip-Fries-680X450-529x350.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 789a3981687868cf8b861ea997685e9826e8c7d807a8621467edcc8a779b4e28

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 79511
status: 200
content-length: 356474
cf-request-id: 065464454300002bdd27885000000001
last-modified: Mon, 09 Nov 2020 04:11:45 GMT
server: cloudflare
etag: "5fa8c181-5707a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=82vl7c2pvfssijbMy8u5vT5tLOqHn40lFMifqRIZguCwQJnCegDEdarROAv4CKY7R4a2KH5nnyr8%2Fly2KBzrvUGsmH5QGOONCU4IqQzKyFj%2FRTi3TxzfmHgbaTv7IV7abXVL"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcb72bdd-FRA

GET
H2 200 Smoked-Mussels-Tapenade-Landscape-526x350.jpg
autoimmunewellness.com/wp-content/uploads/2020/11/ 36 KB
37 KB 19ms
17ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2020/11/Smoked-Mussels-Tapenade-Landscape-526x350.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c0982a96ac2d384027d5a22fa4a63f4375184c3817dbffd2276f31a18cc9daa

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 10331
status: 200
content-length: 36969
cf-request-id: 065464454400002bdd5a8a4000000001
last-modified: Sat, 31 Oct 2020 00:08:58 GMT
server: cloudflare
etag: "5f9cab1a-9069"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xs3KveqQSznD7kdRUr6RgiyAUV0UO5AijWLj%2B9KO9z5Ak1axZAHxGom%2FuJZz24CZSjKVeba9az%2BtO%2BGLRMpb3A8kETNIdHAcNAKsIr48E1Kxbtl9t%2BRtw1x%2BNWyw%2FT51bteD"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcc02bdd-FRA

GET
H2 200 MiniBundt3-525x350.jpg
autoimmunewellness.com/wp-content/uploads/2020/10/ 41 KB
41 KB 20ms
18ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2020/10/MiniBundt3-525x350.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0eb6f473d6ae177065ce8bf95132563dffe9dc273168e3e03501e632f1e7a0a5

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 357674
status: 200
content-length: 41696
cf-request-id: 065464454400002bdd442ce000000001
last-modified: Sun, 18 Oct 2020 21:54:33 GMT
server: cloudflare
etag: "5f8cb999-a2e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bSDKORqfS8FzE3dJFQ3NANUCDiC9uBusJPgoYeojTFx9SQ5UZbwxyxTrX%2BOBXYxuz5IwqFLsCzfnqHvXDTHfp8m7Jm24ylqJLkXlY6wo7HzPA21c70FbAKNF6zUCoGZWlh7l"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcc32bdd-FRA

GET
H2 200 FB_Post11-700x348.png
autoimmunewellness.com/wp-content/uploads/2015/10/ 284 KB
285 KB 32ms
31ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2015/10/FB_Post11-700x348.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b7c08d17737baa76d4a59c7eed414adb6d93566d3421372fc0404aa9f2363c78

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 354924
status: 200
content-length: 291217
cf-request-id: 065464454500002bddfa930000000001
last-modified: Fri, 10 Feb 2017 14:06:33 GMT
server: cloudflare
etag: "589dc8e9-47191"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xPmClQp5izngqPCGiu84s1Cc9nx%2FoXTWRhnQ4jxC8QIlDzwyfj7%2F0DTYDRxji9ZvVM3824vRnYCoDV6Gno2oXVg0I3V9mgxi920g9NqXJT6LYksZv6DNPhjIDzDf%2F1XoUZKX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcc72bdd-FRA

GET
H2 200 AIP-Pumpkin-Chai-Donuts-680X450-529x350.png
autoimmunewellness.com/wp-content/uploads/2020/10/ 337 KB
338 KB 32ms
30ms Image
image/png 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2020/10/AIP-Pumpkin-Chai-Donuts-680X450-529x350.png
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd65c8e7ac0e733130a14df58d6bad9921fc00483832bcf7961a904edecf0127

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 270577
status: 200
content-length: 345336
cf-request-id: 065464454500002bddfd1c3000000001
last-modified: Sun, 18 Oct 2020 23:34:56 GMT
server: cloudflare
etag: "5f8cd120-544f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5e1LRIlWV5uWz4%2FdrUFEQM0FWczUURk3esypaLc1bOUU9xVH8C%2BxxCcqQIrXu3CyG3Z4opEXNTsVawLOX2ACfsZCAaQuG0cyZT4Jv5UQ4%2FOhp8pOnBlyDzK%2BnyVMXBaheaJ9"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcc82bdd-FRA

GET
H2 200 autoimmunewellness_charlottedupontphotographybendoregon-67-700x348.jpg
autoimmunewellness.com/wp-content/uploads/2018/02/ 51 KB
51 KB 33ms
32ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2018/02/autoimmunewellness_charlottedupontphotographybendoregon-67-700x348.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecbe87eb746c4dbb96f3725b1dcf1c7e18216e5a8b11d8da42eb540b52271422

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 187018
status: 200
content-length: 51917
cf-request-id: 065464454500002bdd11181000000001
last-modified: Thu, 08 Feb 2018 10:49:48 GMT
server: cloudflare
etag: "5a7c2b4c-cacd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZIQ3HshPMuv6lYn3hd%2FBG7POytPxjKcihTtOc1jgTUF%2FVskgRHfLktyu2w20caEOl7s46vvMcoMLeDZeXYcPzDtQvrofb8lOQz0kUka%2FxHaKo%2BayfZrgHQokNs7IQLij9CnN"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64edcc92bdd-FRA

GET
H2 200 translateelement.css
translate.googleapis.com/translate_static/css/ 18 KB
4 KB 36ms
7ms Stylesheet
text/css 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/css/translateelement.css

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:26:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3619
x-xss-protection: 0
last-modified: Wed, 12 Feb 2020 21:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Nov 2020 16:26:11 GMT

GET
H2 200 main.js Show response
translate.googleapis.com/translate_static/js/element/ 3 KB
2 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_static/js/element/main.js

Requested by

Host: translate.google.com
URL: http://translate.google.com/translate_a/element.js?cb=googleTranslateElementInit2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 14:55:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2311
status: 200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1610
x-xss-protection: 0
last-modified: Wed, 30 Sep 2020 22:45:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 10 Nov 2020 15:55:50 GMT

GET
H2 200 portal-v2.html
c.sharethis.mgr.consensu.org/ Frame 3F17 0
0 42ms
11ms Document
text/html 2600:9000:2190:fa00:c:a9b7:ddc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.sharethis.mgr.consensu.org/portal-v2.html
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fa00:c:a9b7:ddc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: c.sharethis.mgr.consensu.org
:scheme: https
:path: /portal-v2.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://1ebfkbv53.xyz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://1ebfkbv53.xyz/

Response headers

status: 200
content-type: text/html; charset=utf-8
accept-ranges: bytes
content-encoding: gzip
last-modified: Thu, 01 Oct 2020 18:27:43 GMT
cache-control: max-age=3600, public
date: Tue, 10 Nov 2020 15:04:04 GMT
etag: W/"83a-174e56b8518"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 048a65288aba3f3565a971a2e44151be.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: MHIqq6-uZ8cbuJb1iJQ1wcNnFRLd2ycJdlys1v40NWs8IEBPivE6lA==
age: 1817

GET
H/1.1 200
OK Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2
fonts.gstatic.com/s/josefinsans/v16/ 26 KB
27 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/josefinsans/v16/Qw3aZQNVED7rKGKxtqIqX5EUDXx4Vn8sig.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,400italic,600,600italic,700,700italic,100italic,100

Protocol

HTTP/1.1

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://fonts.googleapis.com/css?family=Josefin+Sans:400,300,300italic,400italic,600,600italic,700,700italic,100italic,100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 08 Nov 2020 11:43:49 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Jun 2020 02:06:34 GMT
Server: sffe
Age: 186632
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 26876
X-XSS-Protection: 0
Expires: Mon, 08 Nov 2021 11:43:49 GMT

GET
H2 200 RP-sidebar-2020-1.jpg
autoimmunewellness.com/wp-content/uploads/2020/02/ 56 KB
56 KB 11ms
11ms Image
image/jpeg 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/uploads/2020/02/RP-sidebar-2020-1.jpg
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db58fbdd3b4cd12d729fd5d21a19ddc484943744299fc98c7103c0e4d1e5ae76

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290964
status: 200
content-length: 57292
cf-request-id: 065464457d00002bdd6313b000000001
last-modified: Wed, 26 Feb 2020 17:41:47 GMT
server: cloudflare
etag: "5e56addb-dfcc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G9eVRb6eEfz2%2BzOldUfb9lgFKjNInJAN97nf4bIQJdiZAPRsRdj3BwKpbaUlxh0pK%2FJSIpXaVnOx4niF0Q3%2F247b7TklOUFFJoCLTfvrg4CjP4SAU6eZWVfPfOfdAfEeR1jX"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64f2da72bdd-FRA

GET
H2 200 ga.js Show response
www.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:81a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/ga.js

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 5418
date: Tue, 10 Nov 2020 14:04:03 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 10 Nov 2020 16:04:03 GMT

GET
H2 200 l
use.typekit.net/af/4e8f1c/00000000000000000001771b/27/ 19 KB
19 KB 45ms
31ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4e8f1c/00000000000000000001771b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 29445ce508d88ceb3287b8743ac90d89c0affee0ba6eab7765274f70f4fc766c

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "1e4bb09579655e22898b075fa98e078d99f5b015"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19700
x-akamai-path-stats: [1:195:805]

GET
H2 200 l
use.typekit.net/af/9f8f7d/00000000000000000001771c/27/ 20 KB
20 KB 24ms
10ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/9f8f7d/00000000000000000001771c/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i6&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 23c471f9f9c44f559a3909ef5dc3d26cd8f4d5a678e56372c5ff05c027f6f56c

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "c222ee85e7d33c2fd42d7bcf03f04baabc9ecf59"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20600

GET
H2 200 l
use.typekit.net/af/393a58/00000000000000000001771d/27/ 20 KB
20 KB 48ms
35ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/393a58/00000000000000000001771d/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n6&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: b90114ff09b5d5dae333a7b99f5c21b2d3d5c7c8681ae039b91890a289a90090

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "9ea39d472050dbac5b634ff8b08dd04449a587b8"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20144

GET
H2 200 l
use.typekit.net/af/b5c416/00000000000000000001771e/27/ 20 KB
20 KB 31ms
18ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b5c416/00000000000000000001771e/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: b12267d0b6460bd101444137253136d374cd011011ff7b98c31044c6ca25d37c

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "da4f176bc2680f0ed1afb1367d1dc3b6951295bb"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20328

GET
H2 200 l
use.typekit.net/af/8d84f0/00000000000000000001771f/27/ 19 KB
19 KB 38ms
25ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8d84f0/00000000000000000001771f/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 4f370a3830e43cb79fba312ab079963e99b737eabb35fcf8ffda8130bb2260dd

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "558db8f2254ec94e60b708c0bf81f88bba2b7f65"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 19748

GET
H2 200 l
use.typekit.net/af/a20d40/000000000000000000017720/27/ 20 KB
20 KB 33ms
20ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/a20d40/000000000000000000017720/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: cd6d920413194aa263f0072039d2c2735bf8d49215dfabfb501000fc80a1f6dc

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "362cfa947117279d46a3bfcfedc7f56754ec1e42"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20384

GET
H2 200 l
use.typekit.net/af/84cfc3/000000000000000000017723/27/ 20 KB
20 KB 29ms
16ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/84cfc3/000000000000000000017723/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: df01857d4a90ef96f9ad9b957244d11a81200fd5e9baf653b47682a7ad5d3ada

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "9592b07d36e415c57af211aaad0f7c419e5bdc14"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20596

GET
H2 200 l
use.typekit.net/af/625a3c/000000000000000000017724/27/ 20 KB
20 KB 45ms
33ms Font
application/font-woff2 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/625a3c/000000000000000000017724/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 8ed6c09996f2a6587d8aef289768d3e48b51b2285b69ad1d17956413f6415bfd

Request headers

Origin: http://1ebfkbv53.xyz
Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
server: nginx
etag: "9399c09e1ad3bd361cecbd97b64a840cd74f11fc"
status: 200
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
content-length: 20236

GET
H2 200 ajax-loader.gif
autoimmunewellness.com/wp-content/plugins/slick-carousel/deps/slick/slick/ 4 KB
5 KB 23ms
22ms Image
image/gif 2606:4700:3037::ac43:ae79
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://autoimmunewellness.com/wp-content/plugins/slick-carousel/deps/slick/slick/ajax-loader.gif
Requested by: Host: autoimmunewellness.com
URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=5.5.3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:ae79 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Referer: https://autoimmunewellness.com/wp-content/cache/autoptimize/css/autoptimize_single_cef37125b5bf40a5f0fb6d2526da5ef7.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 544866
status: 200
content-length: 4178
cf-request-id: 06546445c500002bddfa012000000001
last-modified: Tue, 10 Jan 2017 21:55:33 GMT
server: cloudflare
etag: "58755855-1052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88wfuy6r1QAZmSx9RIqUErxY7gjWGiLMEDHsk5tf%2F8VHt02biSCjuJrRYqP21H3B%2BfrsfE0u771FC4uiiSG0%2BN9aGqJhR7SAO6JOSMB8siiwVJydUr8gZIXYFYSlrpVmfXGR"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 5f00d64faee12bdd-FRA

GET
H/1.1 204
No Content pview Show response
l.sharethis.com/ 0
334 B 225ms
56ms XHR
text/plain 3.121.177.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.sharethis.com/pview?event=pview&hostname=1ebfkbv53.xyz&location=%2F&product=ga&url=http%3A%2F%2F1ebfkbv53.xyz%2F&source=sharethis.js&fcmp=false&fcmpv2=false&has_segmentio=false&title=Blog%20-%20Autoimmune%20Wellness&cms=unknown&publisher=58a5f69a8cfe7d0011262a6d&sop=true&bsamesite=true&consentDomain=.consensu.org&consent_duration=330&gdpr_domain=.consensu.org&gdpr_domain_v1=.consensu.org&version=st_sop.js&lang=en&description=Stay%20up%20to%20date%20with%20all%20of%20the%20latest%20AIP%20compliant%20recipes%2C%20articles%2C%20and%20other%20resources%20on%20living%20well%20with%20autoimmune%20disease.
Requested by: Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.177.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-121-177-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Tue, 10 Nov 2020 15:34:21 GMT
Access-Control-Max-Age: 1728000
Access-Control-Allow-Origin: http://1ebfkbv53.xyz
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *

GET
H3-Q050 200 element_main.js Show response
translate.googleapis.com/element/TE_20200506_00/e/js/element/ 238 KB
85 KB 38ms
25ms Script
text/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/element/TE_20200506_00/e/js/element/element_main.js

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/js/element/main.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 14:40:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3257
status: 200
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87186
x-xss-protection: 0
last-modified: Wed, 06 May 2020 18:47:58 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 Nov 2021 14:40:04 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
182 B 39ms
10ms Image
image/gif 2a02:26f0:10c:5a4::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=ytn8dbr&ht=tk&h=1ebfkbv53.xyz&f=25629.25630.25631.25632.25633.25634.25637.25638&a=3817992&js=1.20.0&app=typekit&e=js&_=1605022461486
Requested by: Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:5a4::19fd , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 15:34:21 GMT
last-modified: Wed, 24 Jun 2020 21:05:53 GMT
server: nginx
etag: "5ef3c031-23"
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 35

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

http://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2123079781&utmhn=1ebfkbv53.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog%20...
https://www.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=2123079781&utmhn=1ebfkbv53.xyz&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Blog%2...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=778488997.1605022462&jid=1993274333&_v=5.7.2&z=2123079781

35 B
113 B

15ms
15ms

Image
image/gif

2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=778488997.1605022462&jid=1993274333&_v=5.7.2&z=2123079781

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 10 Nov 2020 15:34:21 GMT
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 Nov 2020 15:34:21 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 302
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-39114596-1&cid=778488997.1605022462&jid=1993274333&_v=5.7.2&z=2123079781
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 370
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/1x/ 825 B
913 B 8ms
7ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/1x/translate_24dp.png

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 14:02:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 5505
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 825
x-xss-protection: 0
expires: Wed, 10 Nov 2021 14:02:36 GMT

GET
H2 200 googlelogo_color_42x16dp.png
www.gstatic.com/images/branding/googlelogo/1x/ 910 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/1x/googlelogo_color_42x16dp.png

Requested by

Host: 1ebfkbv53.xyz
URL: http://1ebfkbv53.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://1ebfkbv53.xyz/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 06 Nov 2020 11:21:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 360785
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 910
x-xss-protection: 0
expires: Sat, 06 Nov 2021 11:21:16 GMT

GET
H2 200 translate_24dp.png
www.gstatic.com/images/branding/product/2x/ 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/product/2x/translate_24dp.png

Requested by

Host: translate.googleapis.com
URL: https://translate.googleapis.com/translate_static/css/translateelement.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://translate.googleapis.com/translate_static/css/translateelement.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 10 Nov 2020 12:07:34 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 12407
vary: Origin
content-type: image/png
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1847
x-xss-protection: 0
expires: Wed, 10 Nov 2021 12:07:34 GMT

GET
H3-Q050 200 l Show response
translate.googleapis.com/translate_a/ Frame E1DB 3 KB
1 KB 41ms
40ms Script
application/javascript 2a00:1450:4001:819::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:819::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1oJrwDoVFXiGZJvLdPoPGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'report-sample' 'nonce-1oJrwDoVFXiGZJvLdPoPGw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/TranslateApiHttp/cspreport;worker-src 'self'
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
status: 200
date: Tue, 10 Nov 2020 15:34:21 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-Q050=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.1ebfkbv53.xyz/	1970-01-19 18:13:10	Name: __utmz Value: 248197831.1605022462.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.1ebfkbv53.xyz/	1970-01-19 13:50:23	Name: __utmt Value: 1
.1ebfkbv53.xyz/	1969-12-31 23:59:59	Name: __utmc Value: 248197831
.1ebfkbv53.xyz/	1970-01-20 07:21:34	Name: __utma Value: 248197831.778488997.1605022462.1605022462.1605022462.1
.1ebfkbv53.xyz/	1970-01-19 13:50:24	Name: __utmb Value: 248197831.1.10.1605022462
.1ebfkbv53.xyz/	1970-01-19 14:33:34	Name: __cfduid Value: de7994b78ec0c9483c3b7e2ee185802b01605022459

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://autoimmunewellness.com/wp-content/cache/autoptimize/js/autoptimize_dac68f98ce38f04afb7ae3960dafedce.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 1.4.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ebfkbv53.xyz
aiwellness.wpengine.com
autoimmune-paleo.com
autoimmunewellness.com
buttons-config.sharethis.com
c.sharethis.mgr.consensu.org
cdnjs.cloudflare.com
code.jquery.com
daks2k3a4ib2z.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
l.sharethis.com
maxcdn.bootstrapcdn.com
necolas.github.io
p.typekit.net
platform-api.sharethis.com
stats.g.doubleclick.net
translate.google.com
translate.googleapis.com
use.typekit.net
www.google-analytics.com
www.gstatic.com
13.224.89.51
185.199.108.153
2001:4de0:ac19::1:b:2a
2001:4de0:ac19::1:b:2b
2600:9000:20eb:1400:c:abe:f440:93a1
2600:9000:2190:a00:1c:8a07:5e80:93a1
2600:9000:2190:fa00:c:a9b7:ddc0:93a1
2606:4700:3031::681c:1346
2606:4700:3035::ac43:d621
2606:4700:3037::ac43:ae79
2606:4700::6810:125e
2a00:1450:4001:803::200a
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:819::200a
2a00:1450:4001:81a::200e
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2003
2a00:1450:400c:c00::9c
2a02:26f0:10c:5a4::19fd
2a02:26f0:6c00::210:ba0a
3.121.177.130
8.34.213.167
0da50cff35708a2790dac0457ecdc3e52e3c811caef93c274fb3f394e7e8b6bf
0eb6f473d6ae177065ce8bf95132563dffe9dc273168e3e03501e632f1e7a0a5
0ebbdf8eb5c3a5d4fc0ae6905d3412fb12025834bb526eb121d68407fae7536b
0f66213216d83c3325b395ec7fb537d56e02afffa733b14f28f431ab04f7f681
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
12ec71081ec22ec045f64cdaa02089cfc01535c3d5a8ea3622c31e9d3e3d8a73
13b5eece5a7359f9c0de2b4b3c24eeed42fa547e5811238bc9434dcc975bb101
15fe0ea1dfa766a7e26466acf5f0017f889b13b7e0f3f8cb9cc90e2e5c3c482f
18b91aa55babf6a41b67ad376266712f9e07172f8ec8c6d06904f622f15527c9
1bb2279aed6bc1438d2b17a5ffcbac9d37864582aedeeec8d301eab162b2c213
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
23c471f9f9c44f559a3909ef5dc3d26cd8f4d5a678e56372c5ff05c027f6f56c
25e37bf710fa73d535d27ace02b05351910bf79f250db98545b68179857ce62a
29445ce508d88ceb3287b8743ac90d89c0affee0ba6eab7765274f70f4fc766c
2b7809a32583857af19a25752bdcf42abde5613f791c6388c49a69696458657d
2c29defe29114d0e8b948e78d50ebb281035df53a9167089deb1e77e801bbd2f
2ceee6ca5f32859aef616ddc7c74a67e1e7887c23132f3d9a8a61479c068d21b
2f0e74ef11fded5b721296335b5fe6eb516cfee12091deb90bfd4f35fec3f1c1
347ee97a492f79675749d03533810ff899ee6a784b4e156f3e0a7613cdfb3d40
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3d19043a1430ed76e3a4baf571733875a2d5049d785878c92264babdd8a223e1
4497d0c3c70278eb9e9a2bafd2dcbb30d0da5a89ed74099456202b2ee39e994c
47bd3866d67c6470ff420960ca0a2a44ce66ec8c88271b7cf99600529376b56c
4a1f1fbd7cae138f690aec083e31e485cfeaab806591228c6dd6ebe71ae982e8
4f370a3830e43cb79fba312ab079963e99b737eabb35fcf8ffda8130bb2260dd
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
56743fb13c30a99e8674206ba266611a9ca40cd3b527b7ab459ed97d25fe4845
5fe03bfd95a2d4e640ed7d04dcb08ef991c327a5ab6f6fdb9eb06e1efc76af30
6149f95c1ebdde5391898e22a79821a810336f6bd74318291b4f49f23fbf0fa8
6318394f737c66f0e2ccfcd88e3935c6667633a1b95fa29fba2b75431d55eef2
661a4243cf5ff51e76b35e0e50bf5581fca425ba99c946aae662e30fc760c0b8
6c0982a96ac2d384027d5a22fa4a63f4375184c3817dbffd2276f31a18cc9daa
6cf1f68ac3c6cc1eaa679245fcf1eb2014f7ced8223c6d1800d0446c80ef9d10
7417c5da0a35da8defb2434923e89cf1fa5f64f23c7d6c19818e77881d428c94
789a3981687868cf8b861ea997685e9826e8c7d807a8621467edcc8a779b4e28
7bf9f0a3979ff1eecc80fbb62abb7e3071a344c194e39d7b06362bdda7ca0628
80cfc390f534ca8d75ac161e82639486b1ee24b30c402af8bcc89d113ff343eb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
857e95f5d003bd04be798e18b5a83268cbffb657badfd6701627a516a9540ecb
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8ed6c09996f2a6587d8aef289768d3e48b51b2285b69ad1d17956413f6415bfd
8efe93d54b76bd3177e461f528e5f4308d0eef87d05e45e469f8430fe4031c93
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
99cbf8461e06bcc64daaaba6ff5a06ac695e03b10687151091966afaccff6dd7
9acf00c01f8535551392962ecbee26bd6008385720c006def6399c6a09beaa6c
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9d6de6e74db1db45d1110878298ced42790e9e8fb43d40a7748f12f7ae91b802
ab0cb43d4edb2a4410953eee55184c500243f87f5440869bf9c862a461a90629
ad8e530eb16a53ebe93503917fa69e2ef37d1385e737045e966740697a3786a0
b073240c6c0e2a4ea4744ae67de5abc897980a148561572177383b1b3828b1e7
b12267d0b6460bd101444137253136d374cd011011ff7b98c31044c6ca25d37c
b1f69cb631d1cc88e311ffc95a814d46912207429182be7ce21fdfab5292bc2a
b7c08d17737baa76d4a59c7eed414adb6d93566d3421372fc0404aa9f2363c78
b90114ff09b5d5dae333a7b99f5c21b2d3d5c7c8681ae039b91890a289a90090
be46e53117144f19f998cc38886635ece607ee47f32880b6f91a50d2e9c68124
c2171cb99fa0b38c1c427abe85c66025906ed6a0602b4ced85d10802f415714c
c4fcc74ecab8ed24dd9de68c0adc45b08c0b6f5105f8e2bf35b1dcbcb93b9ae2
ca435c33acbc343c9a3db08401ea0b95c724474a8deea44bb6cce17b005739a9
cd6d920413194aa263f0072039d2c2735bf8d49215dfabfb501000fc80a1f6dc
d850cadc389cddf7db20085f5612d9b09bf590126117283f284ecaa5f2dc8543
db58fbdd3b4cd12d729fd5d21a19ddc484943744299fc98c7103c0e4d1e5ae76
dee9eb50d5d1614e2d524152d8557029d4587881bdd706512732713ce4caa7cd
df01857d4a90ef96f9ad9b957244d11a81200fd5e9baf653b47682a7ad5d3ada
e2ee4019fa857c07db1f291291686630b3328ae5e0cae8f9b79473d78902f80d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e499a19647c054cb61f4e3a5290f041cb057ba2a48a362ce79db007d09c14560
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb4ce77b79f50cd1ca072086ea2dffbb1077de4922232bc7ad1f72ae12b8cb67
ecbe87eb746c4dbb96f3725b1dcf1c7e18216e5a8b11d8da42eb540b52271422
fd65c8e7ac0e733130a14df58d6bad9921fc00483832bcf7961a904edecf0127

1ebfkbv53.xyz Open in urlscan Pro 2606:4700:3035::ac43:d621 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

71 Requests

79 %HTTPS

83 %IPv6

17 Domains

22 Subdomains

22 IPs

5 Countries

14987 kBTransfer

16313 kBSize

6 Cookies

65 Outgoing links

Redirected requests

71 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

1ebfkbv53.xyz Open in urlscan Pro
2606:4700:3035::ac43:d621 Public Scan

Screenshot
Live screenshot

Full Image

71
Requests

79 %
HTTPS

83 %
IPv6

17
Domains

22
Subdomains

22
IPs

5
Countries

14987 kB
Transfer

16313 kB
Size

6
Cookies

71 HTTP transactions
1 data transactions