urlscan.io logo urlscan.io
SecurityTrails logo

pages.upwellness.com Open in urlscan Pro
3.69.136.55  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://341.mp2201.com/a/341/click/9504385/724121738/_46da56fa2099165f1b97e99615f435f67fe4b0dd/a46e1448ff905e86db36fcfb...
Effective URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Submission Tags: falconsandbox
Submission: On September 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 5 countries across 31 domains to perform 120 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is pages.upwellness.com.
TLS certificate: Issued by R3 on August 16th 2021. Valid for: 3 months.
This is the only time pages.upwellness.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.238.129.105 15169 (GOOGLE)
1 1 52.51.237.18 16509 (AMAZON-02)
1 3.69.136.55 16509 (AMAZON-02)
2 13.224.193.86 16509 (AMAZON-02)
1 208.83.60.221 36529 (AXXA-RACKCO)
4 3.212.168.243 14618 (AMAZON-AES)
2 2600:9000:21f... 16509 (AMAZON-02)
1 151.101.129.131 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
8 2a04:4e42:400... 54113 (FASTLY)
1 2600:9000:20e... 16509 (AMAZON-02)
3 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
2 2a04:4e42:1b::84 54113 (FASTLY)
3 52.205.62.94 14618 (AMAZON-AES)
1 13.224.193.116 16509 (AMAZON-02)
19 13.225.84.77 16509 (AMAZON-02)
2 2a00:1288:80:... 203220 (YAHOO-DEB)
2 151.101.65.44 54113 (FASTLY)
1 2.18.234.190 16625 (AKAMAI-AS)
1 13.225.78.63 16509 (AMAZON-02)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
1 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 44.193.101.206 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.238.14.155 14618 (AMAZON-AES)
14 2a00:1450:400... 15169 (GOOGLE)
3 184.30.24.193 16625 (AKAMAI-AS)
1 13.224.193.121 16509 (AMAZON-02)
2 64.202.112.127 23352 (SERVERCEN...)
1 4 2a00:1450:400... 15169 (GOOGLE)
1 151.101.194.133 54113 (FASTLY)
5 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 212.82.100.181 34010 (YAHOO-IRD)
1 13.224.193.12 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 5 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.210.84.221 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.86.94.156 14618 (AMAZON-AES)
2 54.146.248.82 14618 (AMAZON-AES)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 52.23.190.53 14618 (AMAZON-AES)
2 141.226.228.48 200478 (TABOOLA-AS)
120 46
1    35.238.129.105 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 105.129.238.35.bc.googleusercontent.com
341.mp2201.com
1    52.51.237.18 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-237-18.eu-west-1.compute.amazonaws.com
go.welldaily.com
1    3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
pages.upwellness.com
2    13.224.193.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-86.fra2.r.cloudfront.net
builder-assets.unbounce.com
1    208.83.60.221 (United States)

ASN36529 (AXXA-RACKCO, US)
upwellness.com
4    3.212.168.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-168-243.compute-1.amazonaws.com
store2.upwellness.com
2    2600:9000:21f3:4e00:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
1    151.101.129.131 (United States)

ASN54113 (FASTLY, US)
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
3    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a04:4e42:400::622 (United States)

ASN54113 (FASTLY, US)
fast.wistia.com
1    2600:9000:20eb:b800:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
3    2606:4700:3032::ac43:dff2 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.useproof.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a04:4e42:1b::84 (United States)

ASN54113 (FASTLY, US)
s.pinimg.com
3    52.205.62.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-62-94.compute-1.amazonaws.com
h.upwellnessfeed.com
1    13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net
assets.ubembed.com
19    13.225.84.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-77.fra2.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
2    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
2    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
1    2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com
amplify.outbrain.com
1    13.225.78.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-63.fra2.r.cloudfront.net
static.hotjar.com
3    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    44.193.101.206 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-193-101-206.compute-1.amazonaws.com
events.ub-analytics.com
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:1f18:730:b120:5b38:df27:617f:9396 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.238.14.155 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-14-155.compute-1.amazonaws.com
rp4.liadm.com
14    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    184.30.24.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-193.deploy.static.akamaitechnologies.com
ct.pinterest.com
1    13.224.193.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-121.fra2.r.cloudfront.net
script.hotjar.com
2    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
tr.outbrain.com
4    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
embed-fastly.wistia.com
5    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    13.224.193.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-12.fra2.r.cloudfront.net
vars.hotjar.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
5    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.210.84.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
in.hotjar.com
1    2606:4700:3033::6815:40e (United States)

ASN13335 (CLOUDFLARENET, US)
api.useproof.com
1    52.86.94.156 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-94-156.compute-1.amazonaws.com
distillery.wistia.com
2    54.146.248.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-248-82.compute-1.amazonaws.com
live-visitor-counts.herokuapp.com
1    2606:4700:3035::6815:23e9 (United States)

ASN13335 (CLOUDFLARENET, US)
analytics.proofapi.com
1    52.23.190.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-190-53.compute-1.amazonaws.com
pipedream.wistia.com
2    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
Apex Domain
Subdomains		 Transfer
21 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
746 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
415 KB
11 wistia.com
fast.wistia.com
embed-fastly.wistia.com
distillery.wistia.com
pipedream.wistia.com
264 KB
6 upwellness.com
pages.upwellness.com
upwellness.com
store2.upwellness.com
67 KB
5 google.de
www.google.de
1000 B
5 google.com
www.google.com
1 KB
5 facebook.com
www.facebook.com
717 B
5 doubleclick.net
googleads.g.doubleclick.net
stats.g.doubleclick.net
5 KB
4 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
in.hotjar.com
63 KB
4 taboola.com
cdn.taboola.com
trc.taboola.com
trc-events.taboola.com
26 KB
4 useproof.com
cdn.useproof.com
api.useproof.com
602 KB
3 pinterest.com
ct.pinterest.com
1 KB
3 bing.com
bat.bing.com
10 KB
3 outbrain.com
amplify.outbrain.com
tr.outbrain.com
4 KB
3 upwellnessfeed.com
h.upwellnessfeed.com
14 KB
3 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
11 KB
3 googletagmanager.com
www.googletagmanager.com
119 KB
2 herokuapp.com
live-visitor-counts.herokuapp.com
200 B
2 google-analytics.com
www.google-analytics.com
20 KB
2 yimg.com
s.yimg.com
7 KB
2 pinimg.com
s.pinimg.com
20 KB
2 facebook.net
connect.facebook.net
114 KB
2 ubembed.com
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
assets.ubembed.com
49 KB
2 unbounce.com
builder-assets.unbounce.com
36 KB
1 proofapi.com
analytics.proofapi.com
837 B
1 yahoo.com
sp.analytics.yahoo.com
964 B
1 ub-analytics.com
events.ub-analytics.com
245 B
1 googleapis.com
fonts.googleapis.com
2 KB
1 googleadservices.com
www.googleadservices.com
14 KB
1 welldaily.com
go.welldaily.com
2 KB
1 mp2201.com
341.mp2201.com
656 B
120 31
Domain Requested by
19 d9hhrg4mnvzow.cloudfront.net pages.upwellness.com
14 fonts.gstatic.com fonts.googleapis.com
8 fast.wistia.com pages.upwellness.com
fast.wistia.com
5 www.google.de pages.upwellness.com
5 www.google.com 1 redirects pages.upwellness.com
5 www.facebook.com pages.upwellness.com
4 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
4 store2.upwellness.com pages.upwellness.com
store2.upwellness.com
3 ct.pinterest.com s.pinimg.com
pages.upwellness.com
3 bat.bing.com pages.upwellness.com
bat.bing.com
3 h.upwellnessfeed.com pages.upwellness.com
h.upwellnessfeed.com
3 cdn.useproof.com pages.upwellness.com
cdn.useproof.com
3 www.googletagmanager.com pages.upwellness.com
www.googletagmanager.com
2 trc-events.taboola.com cdn.taboola.com
2 live-visitor-counts.herokuapp.com cdn.useproof.com
2 tr.outbrain.com amplify.outbrain.com
pages.upwellness.com
2 www.google-analytics.com www.googletagmanager.com
pages.upwellness.com
2 s.yimg.com pages.upwellness.com
s.yimg.com
2 s.pinimg.com pages.upwellness.com
s.pinimg.com
2 connect.facebook.net pages.upwellness.com
connect.facebook.net
2 d34qb8suadcc4g.cloudfront.net pages.upwellness.com
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com pages.upwellness.com
1 pipedream.wistia.com fast.wistia.com
1 analytics.proofapi.com cdn.useproof.com
1 distillery.wistia.com fast.wistia.com
1 api.useproof.com cdn.useproof.com
1 in.hotjar.com script.hotjar.com
1 www.gstatic.com cdn.useproof.com
1 vars.hotjar.com static.hotjar.com
1 sp.analytics.yahoo.com pages.upwellness.com
1 stats.g.doubleclick.net www.google-analytics.com
1 embed-fastly.wistia.com pages.upwellness.com
1 trc.taboola.com cdn.taboola.com
1 script.hotjar.com static.hotjar.com
1 rp4.liadm.com pages.upwellness.com
1 rp.liadm.com 1 redirects
1 events.ub-analytics.com pages.upwellness.com
1 fonts.googleapis.com builder-assets.unbounce.com
1 www.googleadservices.com www.googletagmanager.com
1 static.hotjar.com pages.upwellness.com
1 amplify.outbrain.com pages.upwellness.com
1 cdn.taboola.com pages.upwellness.com
1 assets.ubembed.com 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
1 b-code.liadm.com pages.upwellness.com
1 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com pages.upwellness.com
1 upwellness.com pages.upwellness.com
1 pages.upwellness.com
1 go.welldaily.com 1 redirects
1 341.mp2201.com 1 redirects
120 49

This site contains links to these domains. Also see Links.

Domain
upwellness.com
Subject Issuer Validity Valid
pages.upwellness.com
R3		 2021-08-16 -
2021-11-14		 3 months crt.sh
*.unbounce.com
Amazon		 2021-03-10 -
2022-04-08		 a year crt.sh
www.upwellness.com
RapidSSL RSA CA 2018		 2020-02-02 -
2022-03-03		 2 years crt.sh
store2.upwellness.com
Sectigo RSA Domain Validation Secure Server CA		 2020-11-04 -
2021-11-04		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
*.js.ubembed.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
fast.wistia.com
GlobalSign Atlas R3 DV TLS CA 2020		 2021-03-22 -
2022-04-23		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-27 -
2022-08-05		 a year crt.sh
h.upwellnessfeed.com
R3		 2021-09-14 -
2021-12-13		 3 months crt.sh
assets.ubembed.com
Amazon		 2021-03-06 -
2022-04-04		 a year crt.sh
*.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-06 -
2021-10-27		 2 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-25 -
2021-12-26		 a year crt.sh
*.outbrain.com
DigiCert SHA2 Secure Server CA		 2021-05-25 -
2022-06-01		 a year crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2021-07-06 -
2022-01-06		 6 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.ub-analytics.com
Amazon		 2021-05-10 -
2022-06-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
embed-fastly.wistia.com
R3		 2021-07-26 -
2021-10-24		 3 months crt.sh
*.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-05-24 -
2021-11-17		 6 months crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.wistia.com
Amazon		 2021-04-01 -
2022-04-30		 a year crt.sh
*.herokuapp.com
Amazon		 2021-06-01 -
2022-06-30		 a year crt.sh

This page contains 3 frames:

Primary Page: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Frame ID: A643AAF0AE8DD7710BB5C59CFEA23FD4
Requests: 112 HTTP requests in this frame

Frame: https://cdn.useproof.com/proxy/index.html
Frame ID: 875D68A98225CFADD030543FB7A20284
Requests: 6 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: C984051429AF539E441EBF466D4C1089
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Immune 11X - UpWellness - Dr. Joshua Levitt

Page URL History Show full URLs

  1. https://341.mp2201.com/a/341/click/9504385/724121738/_46da56fa2099165f1b97e99615f435f67fe4b0dd/a46e... HTTP 302
    https://go.welldaily.com/aff_c?offer_id=15&aff_id=103 HTTP 302
    https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • ubembed\.com
Overall confidence: 100%
Detected patterns
  • /(?:([\d.]+)/)?firebase(?:\.min)?\.js
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

99 %
HTTPS

44 %
IPv6

31
Domains

49
Subdomains

46
IPs

5
Countries

2614 kB
Transfer

5233 kB
Size

32
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://341.mp2201.com/a/341/click/9504385/724121738/_46da56fa2099165f1b97e99615f435f67fe4b0dd/a46e1448ff905e86db36fcfbd27c283518041a22 HTTP 302
    https://go.welldaily.com/aff_c?offer_id=15&aff_id=103 HTTP 302
    https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&duid=f0f26c15fa8f--01fftkbmrbx4cj7hbcq1t882jd&se=e30&dtstmp=1631906550745 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&duid=f0f26c15fa8f--01fftkbmrbx4cj7hbcq1t882jd&se=e30&dtstmp=1631906550745&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true
Request Chain 104
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631906551068&cv=9&fst=1631906551068&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&hn=www.googleadservices.com&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&is_vtc=1&random=1044893451&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&is_vtc=1&random=1044893451&resp=GooglemKTybQhCsO&ipr=y

120 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pages.upwellness.com/uc-i11x-fps/
Redirect Chain
  • https://341.mp2201.com/a/341/click/9504385/724121738/_46da56fa2099165f1b97e99615f435f67fe4b0dd/a46e1448ff905e86db36fcfbd27c283518041a22
  • https://go.welldaily.com/aff_c?offer_id=15&aff_id=103
  • https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
292 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
cc8fc7e4bc6dc3e7c3542bf3f47d1ee6c8a1b930dd4c5d8336b3473a2a7fcf2b

Request headers

Host
pages.upwellness.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 17 Sep 2021 19:22:29 GMT
content-type
text/html; charset=UTF-8
transfer-encoding
chunked
p3p
CP="This is not a privacy policy."
x-unbounce-pageid
ca29e708-bbc6-4dd2-9faa-ac8cd497a818
etag
"b:dfd560430a521a5226ec19fea20c8143"
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
x-unbounce-visitorid
01d85e64-9016-4eee-a66c-6bb61147a2ae
x-unbounce-variant
b
content-location
https://pages.upwellness.com/uc-i11x-fps/
link
<https://pages.upwellness.com/uc-i11x-fps/>; rel="canonical"
set-cookie
ubpv=b%2Cca29e708-bbc6-4dd2-9faa-ac8cd497a818; Max-Age=15897600; Expires=Sun, 20 Mar 2022 19:22:29 GMT; Path=/uc-i11x-fps/; SameSite=Lax ubvs=01d85e64-9016-4eee-a66c-6bb61147a2ae; Max-Age=15552000; Expires=Wed, 16 Mar 2022 19:22:29 GMT; Path=/; SameSite=Lax ubvt=01d85e64-9016-4eee-a66c-6bb61147a2ae; Max-Age=259200; Expires=Mon, 20 Sep 2021 19:22:29 GMT; Path=/; Domain=upwellness.com; SameSite=Lax
content-encoding
gzip
x-proxy-backend
page-server
connection
close

Redirect headers

Server
nginx
Date
Fri, 17 Sep 2021 19:22:29 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
323
Connection
keep-alive
Cache-Control
no-cache, no-store, must-revalidate
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
P3p
CP="NOI CUR OUR NOR INT"
Pragma
no-cache
Set-Cookie
enc_aff_session_15=ENC03749dc0f5d99e169bf7826bef37dd933e8552105a5eabc00bfe7e8f8c9ac515eadd144e4a3361bd9880ab9b7df50cd4ff5c496a2b7509e4e16273e7bc55cfc460a54054671a1619192eabea5cafaacc6bddb5b3158e0f08d485cfd81fa7d372a0a4f28c5db0c2d0a93504dbf159f669c3202ac1612b8302363c1d591911d83d7812a1daab; expires=Fri, 24 Sep 2021 19:22:29 GMT; path=/; SameSite=None; Secure ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==; expires=Mon, 12 Aug 2024 06:02:29 GMT; path=/; SameSite=None; Secure
Tracking_id
102aa15732e9cbf2ac1debbbdc4c03
X-Robots-Tag
noindex, nofollow
Access-Control-Allow-Origin
*
X-Request-Id
c87553c96d7092ff3dc1d8906ef0a34d
Access-Control-Allow-Headers
Tune-SDK-Version
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 05 Feb 2021 01:12:18 GMT
content-encoding
gzip
last-modified
Thu, 14 Jan 2021 00:04:15 GMT
server
AmazonS3
age
19419012
etag
"387bd017c5b4c65e427e652174ec93b6"
x-cache
Hit from cloudfront
x-amz-version-id
g0dWGVKuz6Te2m6gM.NTNKySvNlc4fV3
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
text/css
content-length
2902
x-amz-cf-id
N__B3o8sZygHgF_zbG0PMEHq5yYPYJBjD1pP9_DEmLiAm0lT8Tm-mw==
jquery.min.js
upwellness.com/services/scripts/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://upwellness.com/services/scripts/jquery/jquery.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
208.83.60.221 , United States, ASN36529 (AXXA-RACKCO, US),
Reverse DNS
Software
nginx /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
public
Date
Fri, 17 Sep 2021 19:22:29 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Nov 2020 19:48:41 GMT
Server
nginx
ETag
W/"5fbd6399-15d84"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=604800, public
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Fri, 24 Sep 2021 19:22:29 GMT
UCInvisibleLink
store2.upwellness.com/cgi-bin/ 		433 B
809 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.168.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-168-243.compute-1.amazonaws.com
Software
Apache /
Resource Hash
4b14a777c8582e60d34266d77bff8d0a47eefac19e4e3a282fcbf4c22ca08a39
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
252
UCAffiliateNetworkPixel
store2.upwellness.com/cgi-bin/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.168.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-168-243.compute-1.amazonaws.com
Software
Apache /
Resource Hash
f886442185a1559b3e9fe399279660422eff85dc639a3a29b16c47a8baae0ddc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
597
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 03 May 2021 00:38:38 GMT
content-encoding
gzip
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
age
11904233
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
1856
x-amz-cf-id
rewehA4UlDMkVZ_gjluNBkq8srejv8uHpAtj9I-hN0Gu5oTmjsvTZA==
/
0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7044b9003220f91e558fe300ad4e01d89164c1bb0b56fdb860960986657d5296

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
x-backend-region
eu_west_1
age
1226
etag
209ab4ce3ff5c6ca9d5e1ba348f1fbb8-v0.179.1
vary
Accept-Encoding, Referer
x-cache
Miss from cloudfront, HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate
x-amz-cf-pop
FRA56-P3
accept-ranges
none
x-amz-apigw-id
F0jm6G8kDoEF-MQ=
js
www.googletagmanager.com/gtag/ 		96 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-862759327
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f0694f8df07b8c8263ded99dd085a07c04cbc6a67fed7abbf58d816312027935
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39227
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Sep 2021 19:22:30 GMT
rjukmx7rqk.jsonp
fast.wistia.com/embed/medias/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/embed/medias/rjukmx7rqk.jsonp
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e0cf1d4fc4b0cc49212dc6381531dfc4855af0e7257f7013af58b258792899f9
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
age
43038
x-cache
HIT, HIT
p3p
CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
vary
Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
content-length
1542
x-request-id
3ee5d7c034a9e3f53a9997fe0b39c8b9
x-served-by
cache-dca17764-DCA, cache-mxp6960-MXP
x-runtime
0.060294
access-control-allow-origin
*
referrer-policy
strict-origin-when-cross-origin
x-timer
S1631906550.464968,VS0,VE1
etag
W/"e0cf1d4fc4b0cc49212dc6381531dfc4"
x-download-options
noopen
strict-transport-security
max-age=0
content-type
application/javascript; charset=utf-8
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
cache-control
public, no-cache
x-browser
chrome
x-browser-version
92
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
E-v1.js
fast.wistia.com/assets/external/ 		611 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/E-v1.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0b65fa5d96d9b48f7a823f076336fcb4ffd66c09f9614cc5ff52ac91724be05e
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
vary
Accept-Encoding
age
1455
x-cache
HIT, HIT
content-length
117791
x-served-by
cache-dca17745-DCA, cache-mxp6960-MXP
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631906550.465028,VS0,VE0
etag
"61434d36-1cc1f"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 99
swatch
fast.wistia.com/embed/medias/rjukmx7rqk/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/embed/medias/rjukmx7rqk/swatch
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
faa58395059c0affc55d8da780eeb8fae313c723cc9af523054293ce7b3b4a7b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
access-control-request-method
*
age
43509
x-cache
HIT, HIT
content-disposition
inline
content-length
3688
x-served-by
cache-dca17734-DCA, cache-mxp6960-MXP
access-control-allow-origin
*, *
x-browser-version
92
last-modified
Mon, 27 Jul 2020 22:32:56 UTC
x-timer
S1631906550.465102,VS0,VE1
strict-transport-security
max-age=0
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/jpeg
via
1.1 varnish (Varnish/6.0), 1.1 varnish, 1.1 varnish
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
cache-control
public, no-cache, max-age=31536000
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
main.bundle-fed11df.z.js
builder-assets.unbounce.com/published-js/ 		102 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-86.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 06 May 2021 20:57:02 GMT
content-encoding
gzip
last-modified
Thu, 06 May 2021 18:27:02 GMT
server
AmazonS3
age
11571929
etag
"02427a0829fed4e24e9864e2f6f1d669"
x-cache
Hit from cloudfront
x-amz-version-id
PY5jXkWzij7RMiymy035twJKn1QV7eth
via
1.1 24c299c0a6423c6f96984a85fb014109.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-type
application/javascript
content-length
33154
x-amz-cf-id
_s8ttaGjyJJ3W8PB3YGNIliGSLEE21jTZJvmYHDzHyj3fo72pIFkqw==
a-057g.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-057g.min.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b800:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
7ba22a5e9ec9615ad47452e1459daeec330a664cf862ad44a5e1cce6147dc899

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 05:23:07 GMT
via
1.1 c379418fd6100691807f32f274ebe9ce.cloudfront.net (CloudFront)
server
ZIO-Http
age
50363
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=86400
x-amz-cf-pop
FRA2-C1
content-encoding
gzip
x-amz-cf-id
8NbXl7c5w9xN4A_eR3ro8HdYIruGQALOPMDtdTfnv9X3SYes92DUEw==
proof.js
cdn.useproof.com/ 		486 KB
487 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15459051
cf-ray
6904b4245aac4a79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
497733
x-amz-id-2
H6ZIkpihwD2NWJAmkNq/mx8uBgwQVsnR4HeMriixdJ7+y9Z5MBq6CTVi0htNuiAnVtjEeIcxm2I=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"0426397a9b31146729ac86c5be8595d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQFOPTbetJtqX48fF0Jycb7FQgmBZ1vaUf1x%2FPsdpM9AlJkD13K3M1upRfJ%2BTQsnXMa9cmqCHY29S9mJ2qosOkmxytXhQR8hdVIFLUm2CBy0Jn1QSs6nMbipAkR1nYcctFhFKJFa0JUm6NViIXZ5"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
G7YP0C5YWHNJMG64
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
F0WxJo6k6ZqSk5t4_qZ.mqlg1RkwiqAq
accept-ranges
bytes
content-type
application/javascript
cf-bgj
minify
invisibleLink.jsp
store2.upwellness.com/affiliate/ 		204 B
877 B 		Script
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/affiliate/invisibleLink.jsp?mid=UPWEL&r=&u=https%3A//pages.upwellness.com/uc-i11x-fps/%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_
Requested by
Host: store2.upwellness.com
URL: https://store2.upwellness.com/cgi-bin/UCInvisibleLink?merchantId=UPWEL
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.168.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-168-243.compute-1.amazonaws.com
Software
Apache /
Resource Hash
ba44e523c3d8660e95dd14a9accd2f1e1b656ea8a4771efa493abf8c06dfeed6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
Apache
vary
Accept-Encoding
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/javascript; charset=utf-8
content-length
134
fbevents.js
connect.facebook.net/en_US/ 		99 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
kqZnrb028+0wQCbXg5LlDxZSjKaQnqkokVMIbAb4iPHdFCy9Pi3YN1z1sidnYvtP9F98TiTaGgLp76yW/U4xsw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 17 Sep 2021 19:22:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
fastly-restarts
1
x-cdn
fastly
etag
"be0de9f37bc515448fb9440e478cda10"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
gtm.js
www.googletagmanager.com/ 		112 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
79215bffe21a8b78430c1f72743e4a3a9a6d1fad18a4f00e5e0d993a63ad94cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42521
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Sep 2021 19:22:30 GMT
universal-script
h.upwellnessfeed.com/v1/lst/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
540d4bba81958ef2b8464afc75a107192dd9e24d9ebadff25f44f7e6996c0480

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 19:22:30 GMT
Server
nginx/1.18.0 (Ubuntu)
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Type
text/plain;charset=utf-8
Access-Control-Expose-Headers
Session-ID
Transfer-Encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
Front-End-Https
off
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/gif
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514266
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:4e00:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 23:20:35 GMT
content-encoding
gzip
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
age
17006516
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
via
1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
content-length
30399
x-amz-cf-id
zLO8qMjZWFNrUB3XVWJME_EvqnQpmXnC748tNLqYyN5EusRONRS0jw==
bundle.js
assets.ubembed.com/universalscript/releases/v0.179.1/ 		173 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.ubembed.com/universalscript/releases/v0.179.1/bundle.js
Requested by
Host: 0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
URL: https://0505c62f0b6942afbaf22991f0778de5.js.ubembed.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-116.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 03 Aug 2021 16:54:54 GMT
content-encoding
gzip
last-modified
Fri, 30 Jul 2021 19:19:04 GMT
server
AmazonS3
age
3896857
etag
W/"4d21402425377bf4a0f3a4f7ab8db2ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f7bf326347bdd7f275a38a22b5b83724.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
F15a7E5YdJ03htFLu34kqdbeCbO86xtbPWxu3-scxh1EdQLxRhD17g==
552e04ed-3c3c3c-grey-wavebg_11hc0sl000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		100 KB
101 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/552e04ed-3c3c3c-grey-wavebg_11hc0sl000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
77211f7595bf822b2ec0c52c5c78e1400ce3d66885e566342a1c7e6b36a1c3f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 17:00:45 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1390906
etag
"fea0e81269ca004b1589035292ada1c5"
x-cache
Hit from cloudfront
x-amz-version-id
bo35dJI2cD3j03oqCJhLqUBVeu9NWoLv
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
102599
x-amz-cf-id
HYLwCPEXhn6ry_v8E50wSqq605P4rjGJhNR2-GZtqt851Iz_J5AiUw==
d3e49b11-fb7f07-shorter-orange-wavebg_11hc0lm000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/d3e49b11-fb7f07-shorter-orange-wavebg_11hc0lm000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7e9559426d647ede464f6570a728dd24346c558a2cdf9c85a652e5bc999bf10e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 16:13:16 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:08 GMT
server
AmazonS3
age
184155
etag
"1341778ff066cde28775587f57fbb93a"
x-cache
Hit from cloudfront
x-amz-version-id
crG34RHhZmtDxKrjcQ5Z2yltG9zCES03
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
74542
x-amz-cf-id
kfYAnvQtaJwRSgjXDOwGtKNfwtDfy5guDw1WrPcco4eRVyoaBdNPwg==
c1421fbb-tria-listpad-e21-converted-1_124f1lb1hc1lb0bj000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		296 KB
297 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/c1421fbb-tria-listpad-e21-converted-1_124f1lb1hc1lb0bj000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5f688a5e666f99817e56ea624f7543e5c35ad288ee53b587b73932c9fb65f686

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 07:46:37 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:08 GMT
server
AmazonS3
age
560154
etag
"089cee077755850a516fbb6d37cdff45"
x-cache
Hit from cloudfront
x-amz-version-id
KSBf_uyhbu02iv2dtg4rgn0Lra6GT2TA
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
302980
x-amz-cf-id
6oZPcZuq9wq1gX3r2MDaOAEocxH1_16hL1lracPvdozOm3loxS7oAQ==
6cec1b2f-flat-3c3c3c-grey-wavebg_11hc0sl000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/6cec1b2f-flat-3c3c3c-grey-wavebg_11hc0sl000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
710651d81196e5403855aa6e8c3f7ddc7a476ec7c728846acadb870c46e181eb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 16:47:15 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
354916
etag
"8e882b2123ddfb94ca7c427496ba0413"
x-cache
Hit from cloudfront
x-amz-version-id
KR6FrM29jtjt.gWhS5gCEPm_3MZOS.CC
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
109384
x-amz-cf-id
pxkcJbGMbmLay8WCLTdOTEZpIXuAlY3Y_yQ8HpVMM8pHwIdNsmHUPg==
ytc.js
s.yimg.com/wi/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ats-carp-promotion
1
date
Fri, 17 Sep 2021 19:18:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
5639
x-amz-id-2
2c6rNcReUHnXHBgsBm+TuhyGDLuscX57VZRc7HbkTRxf4LESPGMC73PgkPv7eQo46pC+rOrjwtc=
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Thu, 27 May 2021 13:00:20 GMT
server
ATS
etag
"6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
8HT5GNXGBQBJWRX8
x-xss-protection
1; mode=block
cache-control
public,max-age=3600
x-amz-version-id
Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges
bytes
content-type
application/javascript
tfa.js
cdn.taboola.com/libtrc/unip/1225872/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
aa3547abea3784ceccc2dac8d6ad68455f7dfd84b9995cfacc16983f0ddd0da7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
imSYArNm.gr8CKcCmXiTQfn3a1AGdpSK
content-encoding
gzip
etag
"db2218f685f0380f83000a7ea0edefed"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
24762
x-amz-id-2
j5j/pBgpWkqZmFuxkqPA0qGVVZcwjNJp4KaIQfrlNRVVV5HOByMusQiAPaX8BFrhHDHr/5x2MOs=
x-served-by
cache-hhn4052-HHN
last-modified
Mon, 09 Aug 2021 10:28:23 GMT
server
AmazonS3
x-timer
S1631906551.556643,VS0,VE97
date
Fri, 17 Sep 2021 19:22:30 GMT
vary
Accept-Encoding
x-amz-request-id
YDNFWXNVNEM1FZ8Q
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
10
x-cache-hits
1
obtp.js
amplify.outbrain.com/cp/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amplify.outbrain.com/cp/obtp.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 19:22:30 GMT
Content-Encoding
gzip
Last-Modified
Mon, 28 Jun 2021 09:47:31 GMT
Server
AkamaiNetStorage
ETag
"fdbbe544cf69190da6e6a5b05f6879cb:1624873651.390898"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3100
Expires
Fri, 17 Sep 2021 19:42:30 GMT
hotjar-795540.js
static.hotjar.com/c/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-795540.js?sv=6
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-63.fra2.r.cloudfront.net
Software
/
Resource Hash
f01bbeff5f592f4367cd86fe097f17e09f9d2c71bbc4087836ac368d1809cdb2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/11a1b4c00e8cade59025afd8f27b33b3
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
2023
via
1.1 aab8eb1f7b95159cdf1cf139d0bbc33c.cloudfront.net (CloudFront)
x-amz-cf-id
FrwFlOmPWjbUQFNuUN3j0tlSc1FqkjG-M0d2cUp4dRxu7QuqmgyBMw==
bat.js
bat.bing.com/ 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:29 GMT
content-encoding
gzip
last-modified
Wed, 15 Sep 2021 18:56:21 GMT
x-msedge-ref
Ref A: 62257B0DBCCA4DC99A501D485041553E Ref B: FRAEDGE1306 Ref C: 2021-09-17T19:22:30Z
etag
"80386a5f63aad71:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
9827
conversion_async.js
www.googleadservices.com/pagead/ 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-862759327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14042
x-xss-protection
0
server
cafe
etag
5157641309300231189
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Sep 2021 19:22:30 GMT
main.e7fd5392.js
s.pinimg.com/ct/lib/ 		53 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.e7fd5392.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:1b::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"30ff292a4ebc0e59d7e191b6f654384a"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
18816
access-control-expose-headers
X-CDN
724703108401252
connect.facebook.net/signals/config/ 		306 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/724703108401252?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d19ee3956c38c34ca79c30cc1e688467e1da4d9189cac1aae40d54217e5fc97f
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
kZW1dQQJ0ZdjYlkHwePHsE7o6tzO+80MrmgDcfCPF7RzZeRjtwkGzLLYq3d0rdnvlKKpZjvdfn9MdmX6KDVH5Q==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Fri, 17 Sep 2021 19:22:30 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
80e69ea4-e178-492b-a1e8-c92b1d39c1ea
https://pages.upwellness.com/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://pages.upwellness.com/80e69ea4-e178-492b-a1e8-c92b1d39c1ea
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Length
5603
Content-Type
text/css
css
fonts.googleapis.com/ 		21 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-fed11df.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
176db15772ec635da5102757957a1675b98ae0bd690035c4bb860264394a95e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 19:22:30 GMT
server
ESF
date
Fri, 17 Sep 2021 19:22:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Sep 2021 19:22:30 GMT
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1631906550568&e=pv&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&page=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=3224455d-70bf-429b-9a4a-aced81cc623d&dtm=1631906550567&vp=1600x1200&ds=1600x11427&vid=1&sid=3eb2ee49-5265-4c17-a99d-577cd2a69292&duid=447f2c02-4a3a-47c6-ba0c-3604c85b1a2e&uid=01d85e64-9016-4eee-a66c-6bb61147a2ae&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiY2EyOWU3MDgtYmJjNi00ZGQyLTlmYWEtYWM4Y2Q0OTdhODE4IiwidmFyaWFudElkIjoiYiIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6IndlaWdodGVkIn19XX0
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.193.101.206 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-193-101-206.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Sep 2021 19:22:30 GMT
access-control-allow-credentials
true
server
akka-http/10.0.9
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
content-length
43
content-type
image/gif
index.html
cdn.useproof.com/proxy/ Frame 875D 		325 B
794 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/index.html
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proof.js?acc=trtc0limNRYJwhvfi9uRqUFQo0w1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261

Request headers

:method
GET
:authority
cdn.useproof.com
:scheme
https
:path
/proxy/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwellness.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-type
text/html
content-length
325
x-amz-id-2
RAm8e3WLSc1Itlp/c5a93NH8TR9vcZdPszqu+YFFbDvVbZGGCjk9zXh1xAQ5PaOFktaeyaOlBjE=
x-amz-request-id
MG970GTEGEZG541S
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
etag
"f92252b1f21fd30ac52b59395971ecdb"
cache-control
max-age=315360000, no-transform, public
x-amz-version-id
6OysE9MvUGgGn.qn_BXpeYijOLHR8713
accept-ranges
bytes
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oOV7Izq0JBus9QCSyaAU0ChYaJ%2BnWYfVoUAuRX3b6JTdTj8SMhMghyfg%2BB1OdtM8MJ8zWUODXTibVFerukaunr0iX7RFqXQUJ53KHjwXmwbgzYO6U43EUROx2lXmrRfXYXQA21Ochm%2Bfi7Xk%2F0Wg"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6904b4255c474a79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
86ba562c-check-1_100x017000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		611 B
998 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/86ba562c-check-1_100x017000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dcb8490278af52f6f2b072d7a31d079a0d47ebcca9857a5231aff930afc93bf8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 00:56:25 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1275966
etag
"8bee8119a1217eb0cc7d2743043c1ef2"
x-cache
Hit from cloudfront
x-amz-version-id
cWJxyoGcxYbZXDGA1ob4NOiicDnm12AW
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
611
x-amz-cf-id
biE5thnngh3nbCF1_Z1-bT_Qf2OKH_R2ZlvSrGbJ7imGj4ViqJ7Uxg==
b8c51d05-lr-adobestock-331966547-converted-1_10as0d9000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/b8c51d05-lr-adobestock-331966547-converted-1_10as0d9000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f4020cf8cba727ee2fc9374c472d3203155bca766eb553f4540375a96e3ae4f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 00:56:56 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1275935
etag
"8b951a8b3b09b45b610cd97b77562748"
x-cache
Hit from cloudfront
x-amz-version-id
bFEqlUA8g0ozXLcUTNsFX7npS_4l5iHC
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
17294
x-amz-cf-id
_FEVQoNO23-3YbP--tjvtO0CmnJ4jEOqWSHaHV0URuSLgqWOVbmxwg==
b9971e94-immuneprotection-icon-01_1033032000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/b9971e94-immuneprotection-icon-01_1033032000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
84ca6926b16bc0e43451bb954a44ffb6860a196d922d737d25b67296df98e291

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:40:41 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:08 GMT
server
AmazonS3
age
592910
etag
"145efe527292dfdcdbb4e05463eae7df"
x-cache
Hit from cloudfront
x-amz-version-id
Qc3exyujCrQqTuhr3TvKbPnP3QVVqdou
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
1807
x-amz-cf-id
N2t3yrJlPOoBpzomE255UExRKGkimU32GRUnUl6z2V1ujZXsszVgHQ==
79158344-pieceofmind-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/79158344-pieceofmind-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5bfc4faad49730b7aa96ef631ff237c0d1d5d5b785f2b6990035da9ed40efd50

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 00:55:04 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1276047
etag
"192c9168827beb2b23d6e5adb9d70535"
x-cache
Hit from cloudfront
x-amz-version-id
eJPFjnULLgv03U7gCiOK3eLKEnuoog9h
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2356
x-amz-cf-id
OK1-wCleWBMewZOcfND4u6hOZivlFETxxs24mUzbTWSso4wyirKppg==
bc066089-enhanceinnateimmunity-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/bc066089-enhanceinnateimmunity-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
755b3393e9f4098c620279b7798863946c6254c5d550c71284d55c7acea74965

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:55:56 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:08 GMT
server
AmazonS3
age
365195
etag
"7ad3440249cdb5f35dc815a11ea613f3"
x-cache
Hit from cloudfront
x-amz-version-id
N1BVdL_x8em1zkLzJOlOQxg024VapJ2_
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2351
x-amz-cf-id
FeNKUM8l4zRBcl6DdTV0I9Q8ZPPCOzAJkuJamh2KslbjzCejmPGxtw==
43d58b63-inflammation-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/43d58b63-inflammation-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b25f6a979763d093294395d25726ad10a6331a95fbf0200bd4322512201e3da2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 00:55:04 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1276047
etag
"eb0061d58eab6b7fbd7dcfda282b7301"
x-cache
Hit from cloudfront
x-amz-version-id
7KWHzVp2Jcj.fvCtjIcqwm3aCe1_n5LE
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
1681
x-amz-cf-id
SBdWmxzsnxKSNlEzvX-6zPBPPX2662M5-JZ4JZgoIzfwOpUsg4euqw==
29a1276b-whitebloodcells-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/29a1276b-whitebloodcells-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d8198ec4fa67f9e2df1b66e7c21f74e018093e45b2b84b66c2d01a899f45ebca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 00:55:04 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
1276047
etag
"e083017a38528016431cc614775d1e79"
x-cache
Hit from cloudfront
x-amz-version-id
3E3kRpX61bO4tbOueAo58RILdkKgn13b
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2120
x-amz-cf-id
J3tcHXvHijluHPnJebqSYcQE8KXWy-PLe6H1A8sOG7fU46Zmo_rOBg==
55668209-repaircells-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/55668209-repaircells-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
deb2cc1d9d1ccfba8c95a6a96153fc7de2ec0345a29c899eeb000cc4d6a2c853

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 10 Sep 2021 22:40:41 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
592909
etag
"243392b069a22b1b83de730d8c156bfb"
x-cache
Hit from cloudfront
x-amz-version-id
p_YtYs2nkgo9XewmvG9rWbXsLVdHKjk.
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2222
x-amz-cf-id
YVN68WuySnA2ezXkB_Zv6tkOLWlzGXYFnyIrk4hN0h_GvGDzBelRHw==
7be0d590-freeradical-icon_1033033000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/7be0d590-freeradical-icon_1033033000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37ade000a9e389e3f3075b8e915fdb623ad89fcc0b37440ef7e4f1289c80881f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 19:56:19 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
516372
etag
"d930fa99dbe487ada19a1c5184df19b0"
x-cache
Hit from cloudfront
x-amz-version-id
HlaRxv3YpXPYgIkbltDzvK9WeEOtyhdL
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
2955
x-amz-cf-id
QDJWdaxRAaFog0KWCwVhv1YN-VFGN6f2nBW2oPCspY0ToDvFJLBbfg==
7edea098-logofinal_104601o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/7edea098-logofinal_104601o000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3236f586f49cb7afe68b95093ada6baada007db3ed31fed4741c52eeb868cec7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:55:56 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
365195
etag
"9d3d4d4d37e8a6d40d89093b04d1f218"
x-cache
Hit from cloudfront
x-amz-version-id
XQ9gI7ATq0_ccKMN2c.7JzAdoO.IXTIE
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
3764
x-amz-cf-id
VxtLnJr-6lKJLAdzvMW7uuxAS8AQMINcO59UOX0M1YwWc1AiW5XgXg==
52218b64-circlecheckgreen_100n00n000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		308 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/52218b64-circlecheckgreen_100n00n000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 05:52:14 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
2208617
etag
"664e0b74b02a5184054577ac4e266e5d"
x-cache
Hit from cloudfront
x-amz-version-id
bvD1Dd61xx3gJ_LPgZuUg61NUelxg2ug
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
308
x-amz-cf-id
5fGzJuc4W3vK7m3ccD6XEXCfwImAxzGnSX9IrdDwhHX-t5MvttLiZg==
7f01bac7-five-stars-original_104q01e000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/7f01bac7-five-stars-original_104q01e000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0b69bb2edf72a370aafdd55dbf089c146b2ccc12cd81d9db7359bd703a6f7b72

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 05:52:14 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
2208617
etag
"5533b29f0f4f9e9e7f7fb99932f7464e"
x-cache
Hit from cloudfront
x-amz-version-id
Y1wGXT0_tyG3Kc8lacRWLi8Czs2B1oG6
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
1117
x-amz-cf-id
cxVT8mphynkHPh0P59UH3i6uq2_DTDfdUU55RxxCpOZeajmwb_6z6g==
da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10en0f7000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/da253d5f-orange-fb7f07-circle-extracted-drjosh-1_10en0f7000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
849c841a6777a9958cd7afbcc045ceabb8a4710e79ed4b0ab00fe27761fbcbcd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:55:56 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:08 GMT
server
AmazonS3
age
365195
etag
"39d2bf429da52b4bc87df54ed5cfd91f"
x-cache
Hit from cloudfront
x-amz-version-id
IhtPUlTf5hqpjOQLCRZyGNeFcDlaSBqM
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
72764
x-amz-cf-id
fw5NpRNNHrI1MKDrMRR9fBdBubtGXkpFWAbR3y6t_vTBaiifHNo7fQ==
086fdb9a-lr-adobestock-288564120-converted-1-1_10cp0cp000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/086fdb9a-lr-adobestock-288564120-converted-1-1_10cp0cp000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
67e129935a120c00d947edfc3b8200d9384e84e633b07ace0a93bf59ad3a0460

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:55:56 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
365195
etag
"2086d9740b1a0e4760c710553e442a48"
x-cache
Hit from cloudfront
x-amz-version-id
IWP..4v1DKY2oADxDLJPf2X.0y1bSrKv
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
11180
x-amz-cf-id
mrlkE6wByOyKA53DStgGenPLYBQvR9v2Y6xnicjoBAlVtkShFHgFFg==
062c05c8-shadow-immune11x-front_1039065000000000000028.png
d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/pages.upwellness.com/uc-i11x-fps/062c05c8-shadow-immune11x-front_1039065000000000000028.png
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.84.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-84-77.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c5e63bdbe6253ddd0ab954540da51546003eb5a59c4041e8b3a3de86bc561f63

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 23 Aug 2021 05:52:14 GMT
via
1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
last-modified
Thu, 24 Jun 2021 21:04:07 GMT
server
AmazonS3
age
2208617
etag
"3606cbd8a3768c5ed3577b2461ac076c"
x-cache
Hit from cloudfront
x-amz-version-id
947kdf_1QVb5J.6CIrQFaW.gBREKQd3w
cache-control
max-age=31557600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
image/png
content-length
10014
x-amz-cf-id
vCsIx0fdcClLB52Ri3Br2LKzhrhczSTKAHk3vx5EQuszpMumL_slWQ==
UCAffiliateNetworkPixel
store2.upwellness.com/cgi-bin/ 		0
543 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel?t=0.13897993095156913&r=&u=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_
Requested by
Host: store2.upwellness.com
URL: https://store2.upwellness.com/cgi-bin/UCAffiliateNetworkPixel
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.212.168.243 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-212-168-243.compute-1.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
server
Apache
content-length
0
p3p
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
2133
date
Fri, 17 Sep 2021 18:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Fri, 17 Sep 2021 20:46:57 GMT
js
www.googletagmanager.com/gtag/ 		96 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-675938688
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3S986P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d403ed2fcf2ead6411a967e57898a25be72540f155f95034108e08486733c21a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39182
x-xss-protection
0
last-modified
Fri, 17 Sep 2021 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Sep 2021 19:22:30 GMT
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477...
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D47...
13 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&duid=f0f26c15fa8f--01fftkbmrbx4cj7hbcq1t882jd&se=e30&dtstmp=1631906550745&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.238.14.155 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-238-14-155.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
x-pixel-event-id
796bce5b-8f22-4b17-808a-09e038ed57ff
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
0
vary
Origin
content-length
13
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
9dd47c6b201edd9a

Redirect headers

date
Fri, 17 Sep 2021 19:22:31 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-057g&wpn=lc-bundle&pu=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&duid=f0f26c15fa8f--01fftkbmrbx4cj7hbcq1t882jd&se=e30&dtstmp=1631906550745&i6=MjAwMTphYzg6MzY6NjoyMDg6OjE%3D&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://pages.upwellness.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
08367f041c684b89
request-time
0
content-length
0
x-content-type-options
nosniff
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:11:30 GMT
x-content-type-options
nosniff
age
360660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23484
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:01 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:11:30 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:57:05 GMT
x-content-type-options
nosniff
age
210325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22992
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:57 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:57:05 GMT
S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:34:56 GMT
x-content-type-options
nosniff
age
388054
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22572
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:56 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 07:34:56 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v20/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 14:13:25 GMT
x-content-type-options
nosniff
age
450545
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24440
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 12 Sep 2022 14:13:25 GMT
S6u_w4BMUTPHjxsI9w2_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI9w2_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 08:26:59 GMT
x-content-type-options
nosniff
age
557731
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17640
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:18:34 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 11 Sep 2022 08:26:59 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v40/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v40/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 19:58:57 GMT
x-content-type-options
nosniff
age
343413
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31624
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:16:38 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 19:58:57 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 07:30:39 GMT
x-content-type-options
nosniff
age
388311
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19844
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:10 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 07:30:39 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 08:47:51 GMT
x-content-type-options
nosniff
age
210879
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20040
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:44 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 15 Sep 2022 08:47:51 GMT
JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_cJD3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Wed, 15 Sep 2021 22:51:39 GMT
x-content-type-options
nosniff
age
160251
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19536
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:41 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Sep 2022 22:51:39 GMT
JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUPjIg1_i6t8kCHKm459WxZYgzz_PZw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b143c7d20fbf7be386e696a25c41d5614c0cbf9f4b2a0da4ee90e64b4832561b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 09:22:54 GMT
x-content-type-options
nosniff
age
35976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19920
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 17 Sep 2022 09:22:54 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 01:36:17 GMT
x-content-type-options
nosniff
age
323173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20248
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:28 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Sep 2022 01:36:17 GMT
JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v18/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 15:00:06 GMT
x-content-type-options
nosniff
age
361344
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19868
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:20:31 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 15:00:06 GMT
S6u_w4BMUTPHjxsI3wi_Gwft.woff2
fonts.gstatic.com/s/lato/v20/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v20/S6u_w4BMUTPHjxsI3wi_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:56:02 GMT
x-content-type-options
nosniff
age
41188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23696
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:19:12 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 17 Sep 2022 07:56:02 GMT
JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
fonts.gstatic.com/s/montserrat/v18/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v18/JTUPjIg1_i6t8kCHKm459WxZcgvz_PZw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:700,300,regular,500%7CLato:regular,700,900,italic,300italic,900italic%7CMontserrat:regular,700,300,300italic,italic,500,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 10:58:49 GMT
x-content-type-options
nosniff
age
375821
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20516
x-xss-protection
0
last-modified
Tue, 10 Aug 2021 00:21:02 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 10:58:49 GMT
wistia-mux.js
fast.wistia.com/assets/external/ 		92 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/wistia-mux.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9924880902b87011459a257b7cd5677eafd11f1de5decc7cde1d5b078f50eaf8
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
br
vary
Accept-Encoding
age
1455
x-cache
HIT, HIT
content-length
24814
x-served-by
cache-dca17778-DCA, cache-mxp6960-MXP
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631906551.832842,VS0,VE0
etag
"61434d36-60ee"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 45
/
ct.pinterest.com/user/ 		493 B
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1631906550826
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.c5247e68.1631906550.f4eb9ee
x-envoy-upstream-service-time
3
x-pinterest-rid
7891386516312343
pin-unauth
dWlkPU5qUXpaalZrTVdFdE1XTXlNUzAwTTJVMUxXSTFOR0l0TnpNNVptRXpNR1U0WlRNMg
access-control-allow-origin
https://pages.upwellness.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
342
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		35 B
332 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=2614137446842&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%22e7fd5392%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1631906550826
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:30 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.c5247e68.1631906550.f4eb9f0
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1122202922797436
expires
Sat, 01 Jan 2000 00:00:00 GMT
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/ 		221 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-121.fra2.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
734844
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c28c128e9402fb070daca09bab68490a.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
iihJxqAavAksxZd48Q-WSaaBtxyRmOYzodbQup-6oCbWCxNZq98Gag==
27015508.js
bat.bing.com/p/action/ 		0
132 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/27015508.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Sep 2021 19:22:30 GMT
cache-control
private,max-age=86400
x-msedge-ref
Ref A: 70D25C244F3245B2B973E208C83CF043 Ref B: FRAEDGE1306 Ref C: 2021-09-17T19:22:30Z
x-cache
CONFIG_NOCACHE
0
bat.bing.com/action/ 		0
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=27015508&Ver=2&mid=d23b8511-52de-4c72-8a03-212e9eca699d&sid=9a31a07017ec11ecb5a2efb4bb0ea0de&vid=9a31d00017ec11ec997077c25cfccb27&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&p=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&r=&lt=1981&evt=pageLoad&msclkid=N&sv=1&rn=763044
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Sep 2021 19:22:30 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: F7352AC1CCB647AEA6015A85A2DAC569 Ref B: FRAEDGE1306 Ref C: 2021-09-17T19:22:30Z
x-cache
CONFIG_NOCACHE
expires
Fri, 01 Jan 1990 00:00:00 GMT
10056129.json
s.yimg.com/wi/config/ 		46 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10056129.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 12:00:01 GMT
x-content-type-options
nosniff
age
26550
x-amz-server-side-encryption
AES256
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id
4FMMT3SMNXYT496S
x-amz-id-2
sInyh1W1zykJ71Bd3XnJRqrex7q81FUTVviHJ4G+ERcEFgtoVDxUJd27AhC9G70Jjxr0Nc00ZSM=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Fri, 23 Sep 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Wed, 18 Aug 2021 21:49:32 GMT
server
ATS
etag
"fc5f6676b4f2531b36b8c7120da6ecca"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
access-control-allow-methods
GET
x-amz-version-id
5lqV4GvMTyzNl0lqaN8QODBV_nzn4eKl
access-control-allow-origin
*
x-xss-protection
1; mode=block
content-length
46
content-type
application/octet-stream
cachedClickId
tr.outbrain.com/ 		35 B
239 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.outbrain.com/cachedClickId?marketerId=00e83052a71a1dff3bc62d5d40765808fc
Requested by
Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
gzip
X-TraceId
454ff49ca8a8127f9f0ce86a42944ee5
Content-Length
56
Content-Type
application/javascript
unifiedPixel
tr.outbrain.com/ 		43 B
256 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.outbrain.com/unifiedPixel?marketerId=00e83052a71a1dff3bc62d5d40765808fc&obApiVersion=1.1&obtpVersion=1.5.1&name=PAGE_VIEW&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&optOut=false&bust=022401822479817346
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 19:22:31 GMT
Cache-Control
no-cache
X-TraceId
ac03e353cece73041fdd7bc7637ab188
content-encoding
gzip
Content-Length
60
Content-Type
image/gif;
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1631906550835&cv=9&fst=1631906550835&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca7b35a3aab1b0b1437e7f7928a9ed34ed771079a5b69b19e044917939b43b6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1123
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1225872/trc/3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1225872/trc/3/json?tim=1631906550840&data=%7B%22id%22%3A109%2C%22ii%22%3A%22%2Fuc-i11x-fps%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1631906550836%2C%22cv%22%3A%2220210809-3-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Drainmaker-splashdaily-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1631906550840%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A10%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7058b19c9e281f64b0e22e4a220c3a1eff9569576f7f910dc41d29470d002fef

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
25
date
Fri, 17 Sep 2021 19:22:30 GMT
content-encoding
gzip
server
nginx
x-timer
S1631906551.865578,VS0,VE25
x-served-by
cache-hhn4052-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
98d5a20a578467fb567492bba9090aa9.webp
embed-fastly.wistia.com/deliveries/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-fastly.wistia.com/deliveries/98d5a20a578467fb567492bba9090aa9.webp?image_crop_resized=400x224
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
053298949f19e13be3aa6ab53b08c2b20ff3fa968e79466ff28a0c451789f857

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
via
1.1 varnish, 1.1 varnish
age
506645
edge-cache-tag
98d5a20a578467fb567492bba9090aa9
access-control-request-method
*
x-cache-hits
1, 1
x-cache
HIT, HIT
content-length
11602
x-served-by
cache-dca17778-DCA, cache-hhn4080-HHN
last-modified
Mon, 27 Jul 2020 22:32:56 UTC
x-timer
S1631906551.002755,VS0,VE1
access-control-allow-methods
GET, HEAD, OPTIONS
content-type
image/webp
access-control-allow-origin
*
content-disposition
inline
cache-control
max-age=31536000
accept-ranges
bytes
access-control-expose-headers
Origin, Content-Type, Accept, Server, x-amz-version-id, X-Cache
/
www.facebook.com/tr/ 		44 B
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724703108401252&ev=PageView&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1631906550957&sw=1600&sh=1200&v=2.9.45&r=stable&ec=0&o=30&fbp=fb.1.1631906550954.843694021&it=1631906550547&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 17 Sep 2021 19:22:31 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724703108401252&ev=PageView_I11X&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1631906550960&sw=1600&sh=1200&v=2.9.45&r=stable&ec=1&o=30&fbp=fb.1.1631906550954.843694021&it=1631906550547&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 17 Sep 2021 19:22:31 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724703108401252&ev=LPVisit&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D_removed_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%2522e93c74d439413482403026cb034251f3de234fb2bda30607f05cd87f477c9289%2522%255D%257D&rl=&if=false&ts=1631906550961&sw=1600&sh=1200&v=2.9.45&r=stable&ec=2&o=30&fbp=fb.1.1631906550954.843694021&it=1631906550547&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 17 Sep 2021 19:22:31 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724703108401252&ev=LPVisit_I11X&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_%26_filteredParams%3D%257B%2522unwantedParams%2522%253A%255B%255D%252C%2522sensitiveParams%2522%253A%255B%255D%257D&rl=&if=false&ts=1631906550963&sw=1600&sh=1200&v=2.9.45&r=stable&ec=3&o=30&fbp=fb.1.1631906550954.843694021&it=1631906550547&coo=false&rqm=GET
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 17 Sep 2021 19:22:31 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-28307243-3&cid=1548358794.1631906551&jid=1298618891&gjid=643804970&_gid=1057339976.1631906551&_u=YGBAgEABAAAAAE~&z=1229457732
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 17 Sep 2021 19:22:31 GMT
content-type
text/plain
access-control-allow-origin
https://pages.upwellness.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2120993849&t=pageview&_s=1&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&ul=en-us&de=UTF-8&dt=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=1298618891&gjid=643804970&cid=1548358794.1631906551&tid=UA-28307243-3&_gid=1057339976.1631906551&gtm=2wg9f0M3S986P&z=746088514
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 06:30:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46323
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2017%20Sep%202021%2019%3A22%3A31%20GMT&n=0&b=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&.yp=10056129&f=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&enc=UTF-8&yv=1.10.1&tagmgr=gtm
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 17 Sep 2021 19:22:31 GMT
X-Content-Type-Options
nosniff
Age
0
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Pragma
no-cache
Referrer-Policy
strict-origin-when-cross-origin
Server
ATS
X-Frame-Options
DENY
Expect-CT
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Cache-Control
no-cache, private, must-revalidate
Accept-Ranges
bytes
Expires
Fri, 17 Sep 2021 19:22:31 GMT
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame C984 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-795540.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-12.fra2.r.cloudfront.net
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://pages.upwellness.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
noKUQ-T4tmtji5MRQVPkDqQUsvc06jCOp3unF7yp_L74beJmA4MbQA==
age
5120246
/
ct.pinterest.com/md/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.e7fd5392.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-24-193.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.c5247e68.1631906551.f4eba64
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1307027022037220
expires
Sat, 01 Jan 2000 00:00:00 GMT
firebase.js
www.gstatic.com/firebasejs/4.5.0/ Frame 875D 		389 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/4.5.0/firebase.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 14 Sep 2021 04:05:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
314250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116073
x-xss-protection
0
last-modified
Tue, 03 Oct 2017 14:56:39 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 14 Sep 2022 04:05:01 GMT
proxy.js
cdn.useproof.com/proxy/ Frame 875D 		112 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.useproof.com/proxy/proxy.js
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:dff2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.useproof.com/proxy/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
15459049
cf-ray
6904b427e9514a79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
114404
x-amz-id-2
5/9ljZ7zvso1tKgr2uUjGG0wYyTFt7319aXsf5sMbUgzD/ozDN82XQLnlr5kT1FHpC0gZcdYGgQ=
last-modified
Mon, 29 Jun 2020 14:15:25 GMT
server
cloudflare
etag
"9f4d60f4f2b143cadacb2b8b3a901401"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=761x5uIARyvgfcl98cP%2BXo%2F%2FVxiKz2Ffiq119iYXnEhuPPNfwLSF%2B%2BO7%2Bcd3FUIY7KJq%2B4oETAhwzJ%2FoAQCSLSovoVPiCMW%2BajymtnxYLM9%2BL3%2FGr2AqHjw4Xt4MdtYZER5o%2Fez%2Bj%2FoPU4lesq8R"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
AKJNGBSW6PDMDT22
cache-control
public, max-age=315360000, no-transform
x-amz-version-id
FhtEkyvjyNE68BTwRHm.pMLrP83vtI4K
accept-ranges
bytes
content-type
application/javascript
cf-bgj
minify
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631906551018&cv=9&fst=1631906551018&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c61e0903d37b380fad8478328dea15009cdf7582ef6b40d4cb8a85222d3f5ae6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1125
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gusid
h.upwellnessfeed.com/v1/lst/ 		32 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/gusid?
Requested by
Host: h.upwellnessfeed.com
URL: https://h.upwellnessfeed.com/v1/lst/universal-script?ph=b27b2d9cab4edb79ea8d8031ae1cdcab396d994adeed7dcf9ab186020a45dbd3&tag=!tracking
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8

Request headers

User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
Product-ID
180470

Response headers

Date
Fri, 17 Sep 2021 19:22:31 GMT
Server
nginx/1.18.0 (Ubuntu)
Front-End-Https
off
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Content-Type
text/plain;charset=utf-8
Access-Control-Allow-Origin
https://pages.upwellness.com
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
32
Access-Control-Expose-Headers
Session-ID
gusid
h.upwellnessfeed.com/v1/lst/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://h.upwellnessfeed.com/v1/lst/gusid?
Protocol
HTTP/1.1
Server
52.205.62.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-62-94.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
product-id
Origin
https://pages.upwellness.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
nginx/1.18.0 (Ubuntu)
Date
Fri, 17 Sep 2021 19:22:31 GMT
Content-Type
application/vnd.sun.wadl+xml;charset=utf-8
Content-Length
1552
Connection
keep-alive
Access-Control-Allow-Origin
https://pages.upwellness.com
Access-Control-Allow-Methods
GET, PUT, POST, OPTIONS, DELETE
Access-Control-Allow-Headers
product-id
Access-Control-Expose-Headers
Session-ID
Access-Control-Max-Age
86400
Access-Control-Allow-Credentials
true
Allow
HEAD,GET,OPTIONS
Last-Modified
Fri, 17 Sep 2021 19:22:31 UTC
Front-End-Https
off
/
www.google.com/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/862759327/?random=1631906550835&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=86029033&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/862759327/?random=1631906550835&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=86029033&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-28307243-3&cid=1548358794.1631906551&jid=1298618891&_u=YGBAgEABAAAAAE~&z=519170799
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-28307243-3&cid=1548358794.1631906551&jid=1298618891&_u=YGBAgEABAAAAAE~&z=519170799
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/675938688/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/675938688/?random=1631906551018&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=1902973814&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/675938688/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/675938688/?random=1631906551018&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=1902973814&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visit-data
in.hotjar.com/api/v2/client/sites/795540/ 		147 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://in.hotjar.com/api/v2/client/sites/795540/visit-data?sv=6
Requested by
Host: script.hotjar.com
URL: https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.84.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-84-221.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain; charset=UTF-8

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store
access-control-allow-credentials
true
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/862759327/?random=1631906551068&cv=9&fst=1631906551068&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1ca5c1076aef305d1818eaf73f9e07baa445896b468a76a90bcaa77c86a8a24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1128
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/675938688/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/675938688/?random=1631906551068&cv=9&fst=1631906551068&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=f...
  • https://www.google.de/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=fa...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&is_vtc=1&random=1044893451&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/675938688/?random=1631906551068&cv=9&fst=1631905200000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&is_vtc=1&random=1044893451&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/862759327/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/862759327/?random=1631906551068&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=2836585526&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/862759327/ 		42 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/862759327/?random=1631906551068&cv=9&fst=1631905200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9f0&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&tiba=Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt&async=1&fmt=3&is_vtc=1&random=2836585526&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: pages.upwellness.com
URL: https://pages.upwellness.com/uc-i11x-fps/?offer=15&session_id=102aa15732e9cbf2ac1debbbdc4c03&n=tune&AFFID=477232&subid=103_
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Sep 2021 19:22:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
trtc0limNRYJwhvfi9uRqUFQo0w1
api.useproof.com/pixel/ Frame 875D 		178 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.useproof.com/pixel/trtc0limNRYJwhvfi9uRqUFQo0w1?url=https:%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:40e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amzn-remapped-content-length
178
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amzn-remapped-date
Fri, 17 Sep 2021 19:22:31 GMT
x-amz-cf-pop
FRA2-C1
x-amzn-requestid
6863c9ed-69d5-4e45-b0fb-3e7d78a16008
surrogate-control
no-store
x-cache
Miss from cloudfront
cf-cache-status
DYNAMIC
content-encoding
br
x-amz-apigw-id
F0mmsEaUoAMFycA=
pragma
no-cache
server
cloudflare
etag
W/"b2-OenOJ5+poZHQBF95l6mn992GfU4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6krSS6E7Utmbcqj98WuS2HJ0%2FuLU4D1zgM1kg107cMgyRg%2FbN3GrNPFFmQDA1d3gJqA25auHm28yVfdLzsZ9AIaFTNrXEn3GpIdn%2BkSxAZEacvyUaim1gb%2BUycknZG5v%2FtTqRJ0SlzRAnCzYv%2Fhr"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
6904b4290ba74e9e-FRA
x-amz-cf-id
KQI5Gv6oifJm_YG8EpLhSKUODzQLEMMUSUSGQlE2tltMyhS5mhGSpQ==
x-amzn-remapped-connection
keep-alive
expires
0
playPauseLoadingControl.js
fast.wistia.com/assets/external/ 		59 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/playPauseLoadingControl.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dbfef1341c9a79d742fc27039bca0f4e3042a48881c21b039d039a451961c6ba
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
age
1455
x-cache
HIT, HIT
content-length
12637
x-served-by
cache-dca17745-DCA, cache-mxp6960-MXP
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631906551.269859,VS0,VE0
etag
"61434d36-315d"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 53
hls_video.js
fast.wistia.com/assets/external/engines/ 		356 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/engines/hls_video.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
39df4b8e7ba1635560bb6cee9517576d7a52b927a91bfe4dc36ba8b759b6aeb6
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
content-encoding
br
vary
Accept-Encoding
age
1456
x-cache
HIT, HIT
content-length
85296
x-served-by
cache-dca17744-DCA, cache-mxp6960-MXP
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631906551.271505,VS0,VE0
etag
"61434d36-14d30"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 37
blank.gif
fast.wistia.com/assets/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fast.wistia.com/assets/images/blank.gif
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Referer
https://pages.upwellness.com/
Origin
https://pages.upwellness.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
via
1.1 varnish, 1.1 varnish
vary
Accept-Encoding
age
5055
x-cache
HIT, HIT
x-cache-hits
1, 132
content-length
1214
x-served-by
cache-dca17763-DCA, cache-mxp6976-MXP
x-browser-version
92
last-modified
Fri, 17 Sep 2021 17:56:11 GMT
x-timer
S1631906551.364002,VS0,VE0
etag
"6144d6bb-4be"
strict-transport-security
max-age=0
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=315360000, public
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
x
distillery.wistia.com/ 		0
96 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://distillery.wistia.com/x
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.86.94.156 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-86-94-156.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 17 Sep 2021 19:22:31 GMT
cache-control
max-age=0, private, must-revalidate
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=724703108401252&ev=Microdata&dl=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_&rl=&if=false&ts=1631906551460&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Immune%2011X%20-%20UpWellness%20-%20Dr.%20Joshua%20Levitt%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%2F%22%2C%22%40id%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Frjukmx7rqk%22%2C%22%40type%22%3A%22VideoObject%22%2C%22duration%22%3A%22PT4M32S%22%2C%22name%22%3A%22I11X_SP02_V1%22%2C%22thumbnailUrl%22%3A%22https%3A%2F%2Fembed-ssl.wistia.com%2Fdeliveries%2F98d5a20a578467fb567492bba9090aa9.jpg%3Fimage_crop_resized%3D400x224%22%2C%22embedUrl%22%3A%22https%3A%2F%2Ffast.wistia.net%2Fembed%2Fiframe%2Frjukmx7rqk%22%2C%22uploadDate%22%3A%222020-07-27%22%2C%22description%22%3A%22an%20UpWellness%20video%22%7D%5D&sw=1600&sh=1200&v=2.9.45&r=stable&ec=4&o=30&fbp=fb.1.1631906550954.843694021&it=1631906550547&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 17 Sep 2021 19:22:31 GMT
register
live-visitor-counts.herokuapp.com/lvc/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Protocol
HTTP/1.1
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://cdn.useproof.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

Server
Cowboy
Content-Length
0
Connection
keep-alive
Access-Control-Allow-Headers
Origin,Content-Length,Content-Type
Access-Control-Allow-Methods
GET,POST,PUT,PATCH,DELETE,HEAD
Access-Control-Allow-Origin
https://cdn.useproof.com
Access-Control-Max-Age
43200
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
Date
Fri, 17 Sep 2021 19:22:32 GMT
Via
1.1 vegur
register
live-visitor-counts.herokuapp.com/lvc/ Frame 875D 		0
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live-visitor-counts.herokuapp.com/lvc/register
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.248.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-248-82.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://cdn.useproof.com
Date
Fri, 17 Sep 2021 19:22:32 GMT
Via
1.1 vegur
Server
Cowboy
Connection
keep-alive
Content-Length
0
Vary
Origin
track
analytics.proofapi.com/ Frame 875D 		71 B
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://analytics.proofapi.com/track?e=%257B%2522pixelId%2522%253A%2522trtc0limNRYJwhvfi9uRqUFQo0w1%2522%252C%2522pixelVersion%2522%253A%25223.1.13%2522%252C%2522visitorId%2522%253A%2522f4ab812b-f8d6-4d9a-b019-239042fba8f2%2522%252C%2522captureIds%2522%253A%255B%255D%252C%2522integrationType%2522%253A%2522auto-lead-capture%2522%252C%2522localeSetting%2522%253A%2522en%2522%252C%2522os%2522%253A%2522Windows%2522%252C%2522browser%2522%253A%2522Chrome%2522%252C%2522url%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-i11x-fps%252F%253Foffer%253D15%2526session_id%253D102aa15732e9cbf2ac1debbbdc4c03%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D103_%2522%252C%2522cleanUrl%2522%253A%2522pages.upwellness.com%252Fuc-i11x-fps%2522%252C%2522domain%2522%253A%2522pages.upwellness.com%2522%252C%2522pageviews%2522%253A1%252C%2522initialLandingPage%2522%253A%2522https%253A%252F%252Fpages.upwellness.com%252Fuc-i11x-fps%252F%253Foffer%253D15%2526session_id%253D102aa15732e9cbf2ac1debbbdc4c03%2526n%253Dtune%2526AFFID%253D477232%2526subid%253D103_%2522%257D
Requested by
Host: cdn.useproof.com
URL: https://cdn.useproof.com/proxy/proxy.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:23e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
877ec97fe40d52dce8d427adf9b927368a0acc37fb0994367ef9c851114a8c8c

Request headers

Accept
application/json, text/plain, */*
Referer
https://cdn.useproof.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:31 GMT
via
1.1 vegur
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Express
access-control-allow-methods
GET, POST, OPTIONS
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
etag
W/"47-4aNj19A2RmXUI4rHojWZjCHTvCE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kLi0XlxeNiWGP8MZVbOEGyKcu9ZQGuwz8Kllh9PNyL9vRshneLVwdGDyKRqHlYzuTp76q5lcHJO5kCs%2B0OJvdedJ0r8C4pgFKzfS54Rg%2BNHQKhy0MA5Q7Cv0M3ME65OcPFM99q7z%2FgX8SwO%2F%2BeeBVgDKBoSN"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn.useproof.com
access-control-allow-credentials
true
cf-ray
6904b42bcb65061c-FRA
access-control-allow-headers
X-Requested-With,content-type
mput
pipedream.wistia.com/ 		2 B
136 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pipedream.wistia.com/mput?topic=metrics
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.23.190.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-190-53.compute-1.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://pages.upwellness.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
*
date
Fri, 17 Sep 2021 19:22:32 GMT
content-length
2
access-control-allow-methods
POST, OPTIONS
content-type
text/plain; charset=utf-8
allIntegrations.js
fast.wistia.com/assets/external/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fast.wistia.com/assets/external/allIntegrations.js
Requested by
Host: fast.wistia.com
URL: https://fast.wistia.com/assets/external/E-v1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d77802915404115b7ae2d56748b9baf61a53e1b9e9c3832885fb63e9e898bcbf
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 19:22:32 GMT
content-encoding
br
vary
Accept-Encoding
age
1456
x-cache
HIT, HIT
content-length
9034
x-served-by
cache-dca17760-DCA, cache-mxp6960-MXP
access-control-allow-origin
*
x-browser-version
92
last-modified
Thu, 16 Sep 2021 13:57:10 GMT
x-timer
S1631906552.269986,VS0,VE0
etag
"61434d36-234a"
strict-transport-security
max-age=0
content-type
application/javascript
via
1.1 varnish, 1.1 varnish
cache-control
public, max-age=3600
x-browser
chrome
x-ecma-v
modern
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
2, 42
unip
trc-events.taboola.com/1225872/log/3/ 		0
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=1673&scd=10&ssd=1&est=1631906550838&ver=35&isls=true&src=i&invt=1500&rv=1&tim=1631906552512&vi=1631906550836&ri=e92b1438a43ddd3f9e00cf1f3425d316&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Fri, 17 Sep 2021 19:22:32 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
unip
trc-events.taboola.com/1225872/log/3/ 		0
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc-events.taboola.com/1225872/log/3/unip?en=pre_d_eng_tb&tos=4674&scd=10&ssd=1&est=1631906550838&ver=35&isls=true&src=i&invt=3000&rv=1&tim=1631906555513&vi=1631906550836&ri=e92b1438a43ddd3f9e00cf1f3425d316&ref=null&cv=20210809-3-RELEASE&item-url=https%3A%2F%2Fpages.upwellness.com%2Fuc-i11x-fps%2F%3Foffer%3D15%26session_id%3D102aa15732e9cbf2ac1debbbdc4c03%26n%3Dtune%26AFFID%3D477232%26subid%3D103_
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1225872/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pages.upwellness.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
https://pages.upwellness.com
pragma
no-cache
date
Fri, 17 Sep 2021 19:22:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| ub function| $ function| jQuery string| __ultraaff_r string| __ultraaff_u object| _uca function| fbq function| _fbq function| pintrk function| gtag object| dataLayer object| head object| script function| ucAnpFailback function| ucAnpCallback object| UnbounceSnowplowNamespace function| ubSnowplow object| dotq object| _tfa function| obApi function| hj object| _hjSettings object| uetq object| google_tag_manager string| output number| output2 object| google_tag_data object| LI object| __li__evt_bus object| liQ object| wistiajsonp-/embed/medias/rjukmx7rqk.jsonp function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| ube boolean| proofInitialized object| Wistia string| _wistiaElemId object| _wq object| wistiaEmbeds string| GoogleAnalyticsObject function| ga function| FBQ function| FBQ_SETUP object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| UET function| UET_init function| UET_push object| YAHOO function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| gaplugins object| gaGlobal object| gaData boolean| mh_uts_available object| platform

32 Cookies

Domain/Path Name / Value
pages.upwellness.com/uc-i11x-fps/ Name: ubpv
Value: b%2Cca29e708-bbc6-4dd2-9faa-ac8cd497a818
341.mp2201.com/ Name: _maropost_session
Value: ebddec2fabbe0af7fe7ffd8643be5daf
go.welldaily.com/ Name: enc_aff_session_15
Value: ENC03749dc0f5d99e169bf7826bef37dd933e8552105a5eabc00bfe7e8f8c9ac515eadd144e4a3361bd9880ab9b7df50cd4ff5c496a2b7509e4e16273e7bc55cfc460a54054671a1619192eabea5cafaacc6bddb5b3158e0f08d485cfd81fa7d372a0a4f28c5db0c2d0a93504dbf159f669c3202ac1612b8302363c1d591911d83d7812a1daab
go.welldaily.com/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
pages.upwellness.com/ Name: ubvs
Value: 01d85e64-9016-4eee-a66c-6bb61147a2ae
.upwellness.com/ Name: ubvt
Value: 01d85e64-9016-4eee-a66c-6bb61147a2ae
.upwellness.com/ Name: UltraCartShoppingCartID
Value: 8C1798674DA33A017BF535D21F204C00
store2.upwellness.com/ Name: JSESSIONID
Value: abc44ehz3fvoFaDgNmZQS
store2.upwellness.com/ Name: LBJSESSIONID
Value: abc44ehz3fvoFaDgNmZQS.n42
.upwellness.com/ Name: _gcl_au
Value: 1.1.961484640.1631906551
.upwellness.com/ Name: _li_dcdm_c
Value: .upwellness.com
.upwellness.com/ Name: _lc2_fpi
Value: f0f26c15fa8f--01fftkbmrbx4cj7hbcq1t882jd
.bing.com/ Name: MUID
Value: 0AA8E52AF66365360012F59FF7B16424
.upwellness.com/ Name: _uetsid
Value: 9a31a07017ec11ecb5a2efb4bb0ea0de
.upwellness.com/ Name: _uetvid
Value: 9a31d00017ec11ec997077c25cfccb27
store2.upwellness.com/ Name: AWSALB
Value: 13eK7exAQPjJJVbEr7l8/apJNYBqhnUR8o5bKHk4jI+iUMGNY+qaeQzmF5A5mPaZMW7XBnpS5HpiE7dmW2KG7M9l1dD+rLlDNUozCv8uLY+fWxLwzmJz+0NbDKoX
store2.upwellness.com/ Name: AWSALBCORS
Value: 13eK7exAQPjJJVbEr7l8/apJNYBqhnUR8o5bKHk4jI+iUMGNY+qaeQzmF5A5mPaZMW7XBnpS5HpiE7dmW2KG7M9l1dD+rLlDNUozCv8uLY+fWxLwzmJz+0NbDKoX
.store2.upwellness.com/ Name: UPWEL-ANP
Value: 6161
.upwellness.com/ Name: _fbp
Value: fb.1.1631906550954.843694021
.upwellness.com/ Name: _ga
Value: GA1.2.1548358794.1631906551
.upwellness.com/ Name: _gid
Value: GA1.2.1057339976.1631906551
.upwellness.com/ Name: _dc_gtm_UA-28307243-3
Value: 1
.pages.upwellness.com/ Name: _pin_unauth
Value: dWlkPU5qUXpaalZrTVdFdE1XTXlNUzAwTTJVMUxXSTFOR0l0TnpNNVptRXpNR1U0WlRNMg
.upwellness.com/ Name: _hjid
Value: 569f3d9d-1b72-44ed-ac1d-7b479a25d6ef
.upwellness.com/ Name: _hjFirstSeen
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnyzWpuQyGT0Z54tV5W6wc5ongposB1TRMIylsF3uxYYjeifSizFYikasX-
pages.upwellness.com/ Name: _hjIncludedInPageviewSample
Value: 1
.upwellness.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
pages.upwellness.com/ Name: _hjIncludedInSessionSample
Value: 1
.liadm.com/ Name: lidid
Value: e3f51ae3-a190-4750-a5fc-0498f100a650
.yahoo.com/ Name: A3
Value: d=AQABBPfqRGECEEWuqIwm5F_c4n-1eoBk6x8FEgEBAQE8RmFOYQAAAAAA_SMAAA&S=AQAAAvYRcj-qbu4su-wzUGeJsxo
pages.upwellness.com/ Name: outbrain_cid_fetch
Value: true

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0505c62f0b6942afbaf22991f0778de5.js.ubembed.com
341.mp2201.com
amplify.outbrain.com
analytics.proofapi.com
api.useproof.com
assets.ubembed.com
b-code.liadm.com
bat.bing.com
builder-assets.unbounce.com
cdn.taboola.com
cdn.useproof.com
connect.facebook.net
ct.pinterest.com
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
distillery.wistia.com
embed-fastly.wistia.com
events.ub-analytics.com
fast.wistia.com
fonts.googleapis.com
fonts.gstatic.com
go.welldaily.com
googleads.g.doubleclick.net
h.upwellnessfeed.com
in.hotjar.com
live-visitor-counts.herokuapp.com
pages.upwellness.com
pipedream.wistia.com
rp.liadm.com
rp4.liadm.com
s.pinimg.com
s.yimg.com
script.hotjar.com
sp.analytics.yahoo.com
static.hotjar.com
stats.g.doubleclick.net
store2.upwellness.com
tr.outbrain.com
trc-events.taboola.com
trc.taboola.com
upwellness.com
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
13.224.193.116
13.224.193.12
13.224.193.121
13.224.193.86
13.225.78.63
13.225.84.77
141.226.228.48
142.250.186.34
151.101.129.131
151.101.194.133
151.101.65.44
184.30.24.193
2.18.234.190
208.83.60.221
212.82.100.181
2600:1f18:730:b120:5b38:df27:617f:9396
2600:9000:20eb:b800:8:8845:1500:93a1
2600:9000:21f3:4e00:1d:11cf:5800:93a1
2606:4700:3032::ac43:dff2
2606:4700:3033::6815:40e
2606:4700:3035::6815:23e9
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:803::2003
2a00:1450:4001:808::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2003
2a00:1450:4001:812::2002
2a00:1450:4001:82b::200a
2a00:1450:400c:c1b::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
2a04:4e42:1b::84
2a04:4e42:400::622
3.212.168.243
3.69.136.55
34.238.14.155
35.238.129.105
44.193.101.206
52.205.62.94
52.210.84.221
52.23.190.53
52.51.237.18
52.86.94.156
54.146.248.82
64.202.112.127
053298949f19e13be3aa6ab53b08c2b20ff3fa968e79466ff28a0c451789f857
0adeedede6d3bdf7e7258108ead2ed80af83b9fec8ba560d29fce2f3a957a261
0b65fa5d96d9b48f7a823f076336fcb4ffd66c09f9614cc5ff52ac91724be05e
0b69bb2edf72a370aafdd55dbf089c146b2ccc12cd81d9db7359bd703a6f7b72
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13eb615165c92892fcd46e01782dd0fc52d36f236f883aad488c2cf4dcf9206e
176db15772ec635da5102757957a1675b98ae0bd690035c4bb860264394a95e3
1a4722f7c6bfc8ed582a1da7f4e552be5350efe348638b31ec4a1291963c8e8e
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
20fd937dd145754a357d9b74f62992d77b7921cbcf64367b71f8f3047df30d5b
2904b98dfb86ac37a4ed1e33585980adbcbeb63b8802a641fc64615ef7360223
2b26a74f3c0e529bc8fccfa6b1db8e083e738992266359fde1a5bd0aaa81cbc3
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
3236f586f49cb7afe68b95093ada6baada007db3ed31fed4741c52eeb868cec7
330ad082fc0156cb33905081e0ec51703cd42af60a30a7d20aee333daa68bf20
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
37ade000a9e389e3f3075b8e915fdb623ad89fcc0b37440ef7e4f1289c80881f
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
39df4b8e7ba1635560bb6cee9517576d7a52b927a91bfe4dc36ba8b759b6aeb6
418614329e831c01f8232ddf31feefe6f63c6b52b9c6cbdd5bd5ac314540cfaf
48c68c466497c98078950e24f7d499d9b6aedc16c8a980535226a14f32feb55f
4b14a777c8582e60d34266d77bff8d0a47eefac19e4e3a282fcbf4c22ca08a39
4c967c069f7a16252b2fa438ce43396ffaabb1479b5c6accab78f32604b8ade3
53e808254e77628c2ca0b926487688a3d92f2b145b6b2aac4d7b425a34f22f85
540d4bba81958ef2b8464afc75a107192dd9e24d9ebadff25f44f7e6996c0480
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5bfc4faad49730b7aa96ef631ff237c0d1d5d5b785f2b6990035da9ed40efd50
5f688a5e666f99817e56ea624f7543e5c35ad288ee53b587b73932c9fb65f686
67e129935a120c00d947edfc3b8200d9384e84e633b07ace0a93bf59ad3a0460
6a45658988e9ccf8d151c181ca1ce06731abd20a469ea9b6210b31cfcaffa91e
7044b9003220f91e558fe300ad4e01d89164c1bb0b56fdb860960986657d5296
7058b19c9e281f64b0e22e4a220c3a1eff9569576f7f910dc41d29470d002fef
710651d81196e5403855aa6e8c3f7ddc7a476ec7c728846acadb870c46e181eb
755b3393e9f4098c620279b7798863946c6254c5d550c71284d55c7acea74965
77211f7595bf822b2ec0c52c5c78e1400ce3d66885e566342a1c7e6b36a1c3f7
79215bffe21a8b78430c1f72743e4a3a9a6d1fad18a4f00e5e0d993a63ad94cf
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7ba22a5e9ec9615ad47452e1459daeec330a664cf862ad44a5e1cce6147dc899
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7e9559426d647ede464f6570a728dd24346c558a2cdf9c85a652e5bc999bf10e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849c841a6777a9958cd7afbcc045ceabb8a4710e79ed4b0ab00fe27761fbcbcd
84ca6926b16bc0e43451bb954a44ffb6860a196d922d737d25b67296df98e291
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85b0eefd82802df73b213e6aad199c6d5e0ff8d2b57e0c9553bff3688ad279d8
877ec97fe40d52dce8d427adf9b927368a0acc37fb0994367ef9c851114a8c8c
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8f4020cf8cba727ee2fc9374c472d3203155bca766eb553f4540375a96e3ae4f
94a8ab0e7a25c3ae19210bc4b6e014c99780c9058e0ffbc3e70e0f4708229d2c
9924880902b87011459a257b7cd5677eafd11f1de5decc7cde1d5b078f50eaf8
9c29517d31f5827419cfb4f4ff8cd13b478ec5345cfbb24e4f02072c723a87e7
a1ca5c1076aef305d1818eaf73f9e07baa445896b468a76a90bcaa77c86a8a24
a78759ea185fd0fa42ca9be1fc5bca4d3167a2836dc6c85e479a19dbf57fe2c2
aa3547abea3784ceccc2dac8d6ad68455f7dfd84b9995cfacc16983f0ddd0da7
ad68b1eebdd10516b4cd884ca26e3f2f6086efc2a025badffb5f08e7fb110807
afdd5b03f94d18d31b86e4bdf19ad063f6917233f5605f2e4b34d055a2502b0e
b143c7d20fbf7be386e696a25c41d5614c0cbf9f4b2a0da4ee90e64b4832561b
b1ccb8141195307117c737c7f49f99de131fb55290a5f4c1431cc74ca93119dc
b25f6a979763d093294395d25726ad10a6331a95fbf0200bd4322512201e3da2
b6b89e966bdc847fac660edeb60466cfc8e15ea5285ca636bfdc9c9fd59a100b
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
ba44e523c3d8660e95dd14a9accd2f1e1b656ea8a4771efa493abf8c06dfeed6
bbb8a9ae5ce61d328c7904045c107506055c81333bd224b2244e2ff39ae882e6
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c5e63bdbe6253ddd0ab954540da51546003eb5a59c4041e8b3a3de86bc561f63
c61e0903d37b380fad8478328dea15009cdf7582ef6b40d4cb8a85222d3f5ae6
c656c8684af8fe4a72d1a39543d61e5b4ca21cca1556f01c4935bc36227c318b
ca7b35a3aab1b0b1437e7f7928a9ed34ed771079a5b69b19e044917939b43b6e
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc8fc7e4bc6dc3e7c3542bf3f47d1ee6c8a1b930dd4c5d8336b3473a2a7fcf2b
ccb5febf8ac335a1b768a7a2087fa4362cb3a0a9392e2e451df9d9825e88e5db
d19ee3956c38c34ca79c30cc1e688467e1da4d9189cac1aae40d54217e5fc97f
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d403ed2fcf2ead6411a967e57898a25be72540f155f95034108e08486733c21a
d77802915404115b7ae2d56748b9baf61a53e1b9e9c3832885fb63e9e898bcbf
d8198ec4fa67f9e2df1b66e7c21f74e018093e45b2b84b66c2d01a899f45ebca
dbfef1341c9a79d742fc27039bca0f4e3042a48881c21b039d039a451961c6ba
dcb8490278af52f6f2b072d7a31d079a0d47ebcca9857a5231aff930afc93bf8
deb2cc1d9d1ccfba8c95a6a96153fc7de2ec0345a29c899eeb000cc4d6a2c853
e0cf1d4fc4b0cc49212dc6381531dfc4855af0e7257f7013af58b258792899f9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec7d69015be507ee6045d259f50b6cf8ccb52ec7b41ec1bf50fee681683bea60
ec83f9cccd120b3497a09d26618b516b2bd2c8e0e930919c0eda5516991901f6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efabba3678b85fcab831b778ea2ddaad1e2a1e952584d3566bc39b7ccb3429d9
f01bbeff5f592f4367cd86fe097f17e09f9d2c71bbc4087836ac368d1809cdb2
f0694f8df07b8c8263ded99dd085a07c04cbc6a67fed7abbf58d816312027935
f4d712c5a2901b92d4baa6e18554c3db8e5ce1d8f4d3189054e39489b37c982c
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f886442185a1559b3e9fe399279660422eff85dc639a3a29b16c47a8baae0ddc
faa58395059c0affc55d8da780eeb8fae313c723cc9af523054293ce7b3b4a7b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe46e68c0e6eff0c8baae69190acbbb1b99cc49ab70e97e109537e3da90f4bad
fed11df35baed7ee38458ff705b4b46ed7993830ea46f9b166c7e4d08afb3ab3